FreeNAS 9.10.2 STABLE U2 (e1497f2) CIFS mount from fstab no longer working

Status
Not open for further replies.
anodos

anodos

Sambassador
iXsystems
Joined
Mar 6, 2014
Messages
9,553
A few quick points regarding NTLMv1 vs NTLMv2:
  • NTLMv1 is utter crap. Horrifically insecure. Don't use it in a business environment.
  • MS claims windows is supposed to automatically negotiate the highest supported protocol, but I have heard this is a lie. Windows does what it bloody well pleases. Disable LM and NTLMv1 on clients to prevent auto-negotiation stupidity.
  • I believe samba stores the same password hash for NLTMv1 and NTLMv2. The key difference is how the challenge-response is calculated.

If NTLMv1 works, but NTLMv2 doesn't try the following:
  • Disable LM and NTLMv1 on client
  • Verify that Netbios name, workgroup, hostname are set correctly and consistently.
  • Authenticate using UPN <netbios name of server>\<UserName>. I.e. for user "bob" on "freenas" freenas\bob
  • From samba-technical - "The primary use of NTLMv1 is MSCHAPv2 for VPNs and 802.1X. For example, PEAP/MSCHAPv2 for wireless network or VPN authentication with RADIUS will need this option enabled."
I personally think it's less of a security risk in a business environment to have a "guest" share that the MFC can write to than globally enabling NTLMv1.
 
Last edited:
M

MindBender

Explorer
Joined
Oct 12, 2015
Messages
67
Unfortunately, the Sonos sound system still doesn't support NTLMv1. Mine started giving me Access Denied errors whenever I wanted to play anything. However, testing the same credentials on different workstations worked fine.

Enabling LM as discussed here, got my Sonos' working again.
ntlm_auth.png
 
Johnny Fartpants

Johnny Fartpants

Guru
Joined
Jul 3, 2015
Messages
926
Grewterd said:
Just updated to FreeNAS 9.10.2 STABLE U2 (e1497f2), after reboot, my Ubuntu clients will no longer mount CIFS shares in fstab, getting mount error(13): permission denied.

My fstab line is:

//servername/sharename /path/tomountto cifs credentials=pathtocredfile,_netdev,rw,user,sec=ntlm,uid=1000,auto 0 0

Credentials file:

username=username
password=password
domain=domain

Trying manually from command line gets same error:

sudo mount -v -t cifs //servername/sharename /path/tomountto -o credentials=pathtocredfile,_netdev,rw,user,uid=1000,auto,sec=ntlm

Removing sec=ntlm resolves the issue. I tried all the other sec=ntlm* arguments, same thing.

Just wondering if something changed to cause this, if it's just me, etc. Thanks.
Click to expand...
I had the same issue after updating yesterday but my issue was with SMB1. I had to add the option vers=3.0 into my fstab and all was fine.
 
Status
Not open for further replies.

Important Announcement for the TrueNAS Community.

The TrueNAS Community has now been moved. This forum will now become READ-ONLY for historical purposes. Please feel free to join us on the new TrueNAS Community Forums.

Related topics on forums.truenas.com for thread: "FreeNAS 9.10.2 STABLE U2 (e1497f2) CIFS mount from fstab no longer working"

Similar threads

melloa
  • Locked
Update to FreeNAS-9.10.2-U2 broke SMB permissions
2
Replies
37
Views
13K
guruNC
G
S
  • Locked
Mounting CIFS w/ SMB3 to fstab
Replies
2
Views
11K
Stryf
S
M
SOLVED Mounting SMB with Ubuntu: mount error(95)
Replies
3
Views
65K
Justcreatedanaccoun
J
L
fstab mount error
Replies
2
Views
2K
leksand
L
nanopete
  • Locked
Mount samba/SMB/CIFS persistently through fstab
Replies
11
Views
38K
pizzaazzip
pizzaazzip
Top