info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
ntlmv1 authentication on Yosemite desktop share
2,203 views
Skip to first unread message
Allan
Oct 23, 2014, 6:37:20 AM10/23/14
to
I've a few clients restricted on Windows systems (through local policy)
that can only authenticate using LM or NTLMv1 ... don't ask !! Since
upgrade to Yosemite those client connections are rejected. Can't change
Windows clients - what options on Yosemite to enable ntlmv1 auth on SMB
shares?
that can only authenticate using LM or NTLMv1 ... don't ask !! Since
upgrade to Yosemite those client connections are rejected. Can't change
Windows clients - what options on Yosemite to enable ntlmv1 auth on SMB
shares?
.png)
Jaimie Vandenbergh
Oct 23, 2014, 8:23:58 AM10/23/14
to
10.7, when Apple replaced Samba with its own Windows sharing
implementation.
Your choices are probably restricted to
a) reverting to whichever OSX you were on before
b) compiling and installing a modern Samba with NTLMv1 support (and that
may be a contradiction in terms, I'm not sure!) and using that instead
c) Carry around a VM of either the older OSX or an older Windows and use
that to share
Or burn down the clients, that would probably be appropriate.
Cheers - Jaimie
--
"Once you adopt the unix paradigm, the variants cease to be a problem - you
bitch, of course, but that's because bitching is fun, unlike M$ OS's, where
bitching is required to keep your head from exploding." - S Stremler in afc
.png)
Allan
Oct 23, 2014, 8:26:02 AM10/23/14
to
Managed to work it out ... or at least what looks like a solution.
dtruss'd smbd and noticed it trying to open a com.apple.GSS.NTLM.plist
file which didn't exist. Created one with the following content and all
seems to work ... for now at least :
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN"
"http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>NTLMv1</key><true/>
<key>NTLMv2</key><true/>
</dict>
</plist>
dtruss'd smbd and noticed it trying to open a com.apple.GSS.NTLM.plist
file which didn't exist. Created one with the following content and all
seems to work ... for now at least :
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN"
"http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>NTLMv1</key><true/>
<key>NTLMv2</key><true/>
</dict>
</plist>
Jaimie Vandenbergh
Oct 23, 2014, 8:40:02 AM10/23/14
to
On Thu, 23 Oct 2014 16:26:00 +0100, Allan <alli...@hotmail.com> wrote:
>Managed to work it out ... or at least what looks like a solution.
>
>dtruss'd smbd and noticed it trying to open a com.apple.GSS.NTLM.plist
>file which didn't exist. Created one with the following content and all
>seems to work ... for now at least :
>
><?xml version="1.0" encoding="UTF-8"?>
><!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN"
>"http://www.apple.com/DTDs/PropertyList-1.0.dtd">
><plist version="1.0">
> <dict>
> <key>NTLMv1</key><true/>
> <key>NTLMv2</key><true/>
> </dict>
></plist>
Wow. I'm shocked and amazed. Good work!
>Managed to work it out ... or at least what looks like a solution.
>
>dtruss'd smbd and noticed it trying to open a com.apple.GSS.NTLM.plist
>file which didn't exist. Created one with the following content and all
>seems to work ... for now at least :
>
><?xml version="1.0" encoding="UTF-8"?>
><!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN"
>"http://www.apple.com/DTDs/PropertyList-1.0.dtd">
><plist version="1.0">
> <dict>
> <key>NTLMv1</key><true/>
> <key>NTLMv2</key><true/>
> </dict>
></plist>
Cheers - Jaimie
--
Note that despite substantial evidence to the contrary, it is in fact possible
to delete files copied to the desktop, and you don't need to throw away the
computer and get a new one once the desktop is full. -- Peter Corlett, ASR
.png)
msf...@gmail.com
Oct 13, 2015, 4:07:09 AM10/13/15
to
Allan
I am trying to figure this out on a El Capitain machine connecting to an older windows based music server (hence can change that OS). For a not techie, like me, can you help explain how to do this?
thank you
-michael
msf...@gmail.com
I am trying to figure this out on a El Capitain machine connecting to an older windows based music server (hence can change that OS). For a not techie, like me, can you help explain how to do this?
thank you
-michael
msf...@gmail.com
0 new messages