Windows Guru: Why Samba can’t handle Vista… And It’s Not Samba’s Fault

“What’s Samba? The popular Network File Serving (NFS)” NFS and Samba are two entirely different systems for file sharing.

Agreed. We got too cute. Note our NFS doesn’t stand for Network File System (as in the Sun Microsystems protocol).

From Librenix’s Linux Networking Tutorial: “NFS and Samba are very similar. Both have a client and server application. Both allow a server to share files with clients. Both have clients and servers on almost every platform. The big difference is the Windows PCs have Samba-compatible clients and servers as part of their default network support and Windows requires third party software to support NFS. Conversely, UNIX systems usually come with and use NFS by default with Samba being used to provide file sharing with Windows PCs.”
(http://librenix.com/?inode=390)

If the definition of Samba and NFS being very similar, because they do share files with a client, Samba and NFS would also be ’similar’ to FTP and even Apache/HTTP.
This definition itself is faulty.
It should state ‘both (NFS + Samba) make (local) filesystems or part of them being accessible over the network - both are making _direct access_ (r/w) possible over the network’ or something similar.

Samba is not a reverste engeneering of windows protocol.
Samba is reversed engineerd from micrsoft, but just an implementation of SMB protol. Protol is an official standard.
Microsoft fileshareing is also base on SMB with some extentions

You can read this here
www.groklaw.net/article.php?story=20050205010415933&query=smb+protocol

@Volker. You said a discussion of NFS vs Samba should include “both (NFS + Samba) make (local) filesystems or part of them being accessible over the network - both are making _direct access_ (r/w) possible over the network.”

It does now include that description, thanks to your contribution.

Again, apologies to all for our fumbled attempt at cuteness by bending the initials “NFS” for other purposes.

We threw some completely off the point of the article.

The encarta definition of reverse engineering is a bit biased isn’t it? I wonder how many people use Encarta as their reference, and if so whether Microsoft may have overstepped the mark on that one. If schools for example used Encarta, then they’d be teaching their students lies.

Reverse engineering has long been accepted, and not only in the computer industry. I remember visiting car manufacturers and seeing their dismantling days when they took apart a competitor’s car they’d bought. I also not Microsoft have a lab dedicated to seeing what Linux does and how.

@Jeroen. Thanks for the much-needed opening. In “Myths About Samba” at Groklaw, Andrew Tridgell discusses the difference between “classical reverse engineering” (which the Samba team regards as legally questionable) and the Samba techniques, which he describes as “network analysis” or “protocol analysis.”

Carnegie Mellon’s Software Engineering Institute describes reverse engineering like this: “The process of analyzing a system’s code, documentation, and behavior to identify its current components and their dependencies to extract and create system abstractions and design information. The subject system is not altered; however, additional knowledge about the system is produced.”
http://www.sei.cmu.edu/str/indexes/glossary/reverse-engineering.html

And here’s Microsoft’s (not surprising) definition, via Encarta: “stealing competitor’s technology: the pirating of a competitor’s technology by dismantling an existing product and reproducing its parts and construction to manufacture a replica.”
http://encarta.msn.com/encnet/features/
dictionary/DictionaryResults.aspx?refid=1861702028

We view Tridgell’s definition as overly focused on unethical software cracking, while Microsoft’s def is self-serving and fatuous. Carnegie Mellon has it about right.

Mr. Corfield commented that if we use the Microsoft definitions as stated in Encarta, the schools would be teaching lies.

I am sorry to state that this is already the case. Read any history book, and you are guaranteed at least two lies per chapter. People tend to forget that history is written by the victor.

Read any science text and you will also find lies. Finish your high school science text, then pick up a copy of The Quantum World. Quantum physics teaches us that what applies at the levels we see does not always apply to the sub-atomic.

How about math? One plus one equals two. Why? Because some nut randomly decided that this unit will be one and more than one and less than three is two.

We have numbers on a base ten. This is taught as just the way it is. It’s not taught as a possible method of counting. You don’t see your students exploring octal, hex and binary. You don’t see anyone mentioning that we have 360 degrees in a circle because that was how it was done in the Middle East, where algebra and it’s basic components came from. No.

“It’s just the way it is. Don’t ask why. ‘Why’ is bad.”

How is this Vista’s fault, if Samba couldn’t address fast queries before the version stated in the article? I’m not MS fanboy, and I’m frustrated that I can’t use my TeraStation with the beta OS, but I must have missed something about how it’s MS’s fault, when a newer version of Samba fixes the issue.
Darn - I want to use my TeraStation but not get stuck at XP!

re: “How is this Vista’s fault, if Samba couldn’t address fast queries before the version stated in the article?”

Where did the article say it was Vista’s fault?

MS built WinX. Samba designed for WinX. Now MS in *working* on WinY (Vista). Vista is currently in *beta*.

Last I heard, Vista is not scheduled for public release till January 2007.

Nevertheless, the latest Samba revs can handle fast queries… just like the article says.

Hmm, seems that the title of the article at least implies that it’s Vista’s fault: “Windows Guru: Why Samba can’t handle Vista… And It’s Not Samba’s Fault” Unless there is a third party involved here not previously mentioned!

If you’re saying that your article doesn’t explicitly state that it is Vista’s fault, you’re correct, but it does so by saying it’s not Samba’s fault.

If any of you are having problems with Vista logon to NAS devices running Samba, try:

Run secpol.msc

Go to: Local Policies > Security Options

Find “Network Security: LAN Manager authentication level”

Change Setting from “Send NTLMv2 response only”
to
“Send LM & NTLM - use NTLMv2 session security if negotiated”

Vista defaults to only send the more secure NTLMv2 protocol, which these NAS devices / Samba do not support.

Thank you, thank you, thank you Jeff. I have been fighting this for weeks… finally found this thread and made the change you suggested and now all works fine.

Thank you….million times over thank you for this tip. The migration to Vista proceeds….

Thank you Jeffc for this post! Been looking for hours all over the Net to find an answer to why Vista wouldn’t connect to my Mac server (OSX 10.2) … works great now. Thanks!

Thank you very much for the tip Jeffc. Unlike 99% of the whinging idiots on these sites, you actually solved the problem instead of just pointing fingers at Microsoft.

If you are having problems with Vista logon to NAS devices, this will work: (Knowledge is the key)

Click Start->Run
Type
secpol.msc
Click OK

Click on
Local Policies -> Security Options
Click on Network Security: LAN Manager authentication level”

Change Setting from “Send NTLMv2 response only” to
“Send LM & NTLM - use NTLMv2 session security if negotiated”

help, i cannot run or find secpol via a search in vista. what is the full name for the service as accessed via control panel - administrative tools - services please

Can’t find secpol either. After searching, realized it doesn’t come with home premium version. Can find in XP with no problems. No policy editor in home premium. Any ideas how to change?

I did that and my NAS box still doesn’t connect

Tom I have the same problem NAS just does not respond when accessing from VISAT machine. I have tried the suggestion below but still no joy do you have any other ideas?

Jason

I was unable to locate secpol.msc in Vista. You can however diable User Account Control by running msconfig..selecting tools, highlite disable UAC and click launch. Reboot required.

If you’re running a version of Vista that cannot use secpol.msc, you can edit the registry instead. Just change the value of HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\LMCompatibilityLevel from a 3 to a 1.

From the key specified:

“ValueType”=dword:00000004
“DisplayType”=dword:00000003

Is it the “DisplayType” field entry that needs to be changed?

I also modified the LMCompatibiityLevel setting - it seems to have made things better (doing ‘net view \\servername’ results now in error 2114 - Server Service not started, instead of error 5 - Access denied’).

However, I am also unable to still connect - is this due to the ‘fast queries’ problem? From the sound of the symptoms of that problem, it doesn’t sound like it.. The NAS manufacturer (Tritton) seems to think it might be; (their FW upgrade for Samba is months away

Anybody know how I can switch to ’slow queries’ and re-try? This is gating Vista deployment for me (OK, I am a 4-pc deployment house

Thanks,

Venu

I changed the LMCompatibiityLevel settings as suggested, also tried the patch from Linkstation that modifies the registry to level (2), tried modifying registry manually to level (1), tried every combination therof and still can’t access protected shares. I can access unprotected shares just fine. It did work briefly after applying the Linksation reg. patch but then after rebooting it stopped working again. I went back and reset everything to start over but can’t get it working again. Any ideas?

Thanks.

John

In addition to the LM Compatibility level you may also have to set. “Send unencrypted password to third-party SMB servers”.

Run secpol.msc

Go to: Local Policies > Security Options

Find “Network client:Send unencrypted password to third-party SMB servers”

Change Setting to “Enabled”

Wayne: thanks so much for the registry tip! I’m running vista home (ick) and was about to give up on connecting to my samba server until your registry change fixed it. yay.

Thanks for the “Send unencrypted password to third-party SMB servers” suggestion, but tried that and still won’t let me connect to protected shares, can access unprotected shares just fine.

how to change the send unencrypted option manually , as I am using home premium without the secpol.msc ??

Tisočkrat hvala!
Thx a lot, Jeffc. Change “Network Security: LAN Manager authentication level” helped. Now I can use my SAMBA connections.

Hi there…
I am running Vista x64 and I cannot access my Vantec NAS drive.
It works fine with other systems, including Vista x86 32bit systems.
I have tried all the recommendations above, but none have helped.

Any other ideas for Vista x64?
Thx muchly!

Since the article was posted way back and now Vista is officially released I am just reporting my experience as an end user. I couldn’t understand why when I copy a huge 4GB file to my samba share its too damn fast. But when I copy 35 mbs of some 1000+ files it takes forever. 9 hrs or so for 4000files totatlling 250MB around.
I was searching for an answer. I hit google, I dropped here. This article explains it all very nicely “fast queries”, must be some very important thing. I don’t care whose fault it is or who is reverse engineering. Both Windows File share and Samba are incredible things. One without the other would suck too much. All I want to know when are they gonna fix it. And No! I am not talking about some buggy, patch, beta version or a swift upgrade with my eyes closed. I have learned to upgrade only when absolutely necessary.
Thanks.

I second uncletom’s question. How does one change the ’send unencrypted password’ setting without secpol.msc (i.e., using Vista Home)?

Here is the reg. location for the SMB password. I haven’t checked it out at home yet.

MACHINE\System\CurrentControlSet\Services\LanmanWorkstation\Parameters\EnablePlainTextPassword

I found it on this site:
http://www.fiveanddime.net/windows-vista-notes/windows-vista-registry-settings.html