# SMB shares and Tiger



## Tommo (May 6, 2005)

I am having trouble connecting to some smb shares since installing Tiger. If I login using a local account I can connect to these shares via go to server or by browsing with no problem at all.

However is I login against the Active Directory I get a -36 error if I go to server and if I try and browse I get a broken alias error. I think it is trying to use NTLMv2 authentication not NTLMv1.

Any help with this would be greatly appreciated.


----------



## The Ghost (May 6, 2005)

Tommo said:
			
		

> I am having trouble connecting to some smb shares since installing Tiger. If I login using a local account I can connect to these shares via go to server or by browsing with no problem at all.
> 
> However is I login against the Active Directory I get a -36 error if I go to server and if I try and browse I get a broken alias error. I think it is trying to use NTLMv2 authentication not NTLMv1.
> 
> Any help with this would be greatly appreciated.



Please decribe your situation completely--hardware, what your are trying to share, etc.


----------



## kevster (May 6, 2005)

Tiger now assumes that your smb server accepts encrypted passwords. Older Windows NT and Unix/Linux servers running Samba (versions older that 3.0) are configured to accept Plain Text passwords. It is highly recommended that the severs be re-configured to accept encrypted passwords.  However below is a fix to tell Tiger to send a plain text password for authentication. This assumes you have a working knowledge of the unix command line.

1. open a terminal session
2. cd /etc
3. sudo vi nsmb.conf (NOT the smb.conf file...this may ADD a new file...)
4. add these lines...
[default]
minauth=none

5. save file (wq)

BE AWARE that this now sends  plain text and can be easily captured (via tcpdunp).


----------



## Tommo (May 9, 2005)

The problem I am having is connecting to a file share on a Network Appliance Filer. All shares on my Windows 2000/2003 servers connect with no problem. I have looked into the encryption issue for passwords, but does not appear to be the case as I assume the password is sent in the same manner regardless of how you have authenticated on the Mac.

In trawling other forums and pages it appears that OS 10.4 has broken quite a bit of networking, since upgrading at home I no longer have an iternet connection and have no idea why as everything reports as being connected :-(


----------



## Pengu (May 9, 2005)

maybe the network appliance doesn't accept encrypted passwords?


----------



## Tommo (May 9, 2005)

Oh it does, I can't believe that they are sent encrypted under AD authentication and ont under local when connecting to the same server with the same AD account.

I know it can only accept NTLMv1 password, but according to my reading of the /etc/smb.conf file NTLMv2 encryption is not switched on. If anyone knows of somewhere else in the GUI to disable it I would be very grateful if they would let me know ?


----------



## Clivey (May 9, 2005)

Hello. I have in the past, automatically installed the MS UAM for OS X - this gives some options on the fly without having to edit .conf files.
I couldn't (bizarrely) find on the MS site, but it full title is 'Install MSUAM for X.pkg'. A google may help, alternatively, (since it's freeware) mail your email address and I'll send it to you.
Regards


----------



## Tommo (May 9, 2005)

Managed to find a copy, but that has not helped, thanks. I have also found the same problem afflicts our network printers under Tiger. Odd as I am able to connect to shares on the print server.


----------



## jevridon (Aug 11, 2005)

I have a related problem, although somewhat different.

I was using File Buddy to create a "snapshot" (a cascading list of all the files and folders listed within a server and/or folder on a server) of a folder on a Windows server when I receive a "error -36" message.  Utilizing the "Help File" of the File Buddy application, I found that the "error -36" message was a type of authentication error and I followed instructions on how to send unencrypted passwords to Windows servers:
----------------------------------
Warning: If you configure your computer to allow connections to Samba 
or Windows (SMB/CIFS) servers using plain text passwords, when you 
attempt to make any connection to such a Samba or Windows (SMB/CIFS) 
server, your password will be sent "in the clear". This means that it 
is possible for someone who is monitoring your connection to see your 
password. This could lead to someone compromising the Samba or Windows 
(SMB/CIFS) server. We strongly recommend that you configure your Samba 
or Windows (SMB/CIFS) servers to exclusively use encrypted passwords.
Follow the steps below to configure your computer to use plain text 
passwords to make SMB/CIFS connections when the specified Samba or 
Windows (SMB/CIFS) server does not support encrypted passwords. (You 
must be an administrator to do these steps.)
	1.	Make sure that you are not currently connected to any Samba or 
Windows (SMB/CIFS) servers and that you do not have any Samba or 
Windows-related error messages open.
	2.	Open the Terminal (/Applications/Utilities/).
	3.	At the prompt, type: sudo pico /etc/nsmb.conf
	4.	Press Return.
	5.	Enter your password when prompted, then press Return again.
	6.	You should see an empty file and a "New File" notice at the bottom 
of the pico window. If you do not see the "New File" notice, this file 
already exists.
	7.	Enter the following into the file so that it appears as follows:

	8.	[default]
	9.	minauth=none
	10.	

	11.	Save the file (press Control-O), press Return, then exit pico 
(Control-X).
	12.	Type: sudo chmod a+r /etc/nsmb.conf
	13.	Press Return.
	14.	Restart your computer.

----------------------------------

My question is:  How do I undo the above steps to reconfigure 
the Macintosh to send encrypted passwords?

Thanks, everyone.


----------



## son77 (Jan 3, 2006)

Hi I have another problem, which may fit in with in this area, I have recently upgrade a G5 to tiger, and brought to G5s which came with tiger installed

I have two Windows 2K servers, all with folders file sharing.

When using panther i can connect to them with no problem, I can create folders, delete folders, i can drag files in, replace the files once updated and delete the files.

But when using tiger I connect using SMB, I create folders, Drag files in.
I cant delete folders, files or update them via tiger it says "the operation cannot be completed because you do not have sufficient privileges for some of the items" it also adds in an extra file which you can see on the PC but not on the mac. 

I would like to get this sorted, so i can upgrade all the other macs to tiger.

any suggestions would be helpful.

thanks.


----------



## mengjuicy (Jan 3, 2006)

"3. At the prompt, type: sudo pico /etc/nsmb.conf"

pico was not found in /bin on my tiger?
I could just use vim or something right?
So what will I do about the New File notice...

-------------------------------------------

http://www.FancyAsian.Com


----------



## son77 (Jan 4, 2006)

if your having any problems may i recomend that you check out PC MACLAN from computer associates

http://ca.miramar.com/

install it on your PC and this will let all your macs talk to your PC's


----------

