Got windows 7 installed and found an interesting setting. NTML version 2 is set by default and doesnt negotiate with v1 servers. Connecting to a mac os share would state access denied regardless of the credentials. The trick is to enable v1 if v2 doesn’t negotiate.
Open up the local security policy by running secpol.msc
Navigate to Local Policies -> Security Policies
Change Network Security: LAN Manager authentication level to: Send LM & NTLM - Use NTLMv2 session security if negotiated.
Close security policy and reconnect to the share. If it still doesnt work change the encryption level to not require 128 bit encryption.
Open Network security: Minimum session security for NTLM SSP based (including secure RPC) clients and uncheck the require 128 bit.
Open Network security: Minimum session security for NTLM SSP based (including secure RPC) servers and uncheck the require 128 bit.
Reconnect to the share and it should connect correctly.
6 Comments
Thank you so much for this, I searched fairly hard and couldn’t find out why I couldn’t access my mac shares, I previously knew about “Send LM & NTLM - Use NTLMv2 session security if negotiated” but not about the 128bit encryption options.
Good afternoon … thanks so much. You found the answer. XP always worked like a dream but Vista and 7 struggled logging onto the Mac servers. This is very helpful!! Happy New Year!!
Thanks man :)
Please can someone tell me what registry changes I need to make to resolve this problem on Windows 7 Premium which doesn’t have secpol.msc?
Thank you
Very Helpful! This saved my butt today!
Great info
I solved a companywide problem because of this
2 Trackbacks
[...] procedure on Win 7, due to access control protocols, that would seem to apply to both situations: http://www.mostlyoperational.com/?p=86 This is one bit that Microsoft has to say about it: [...]
[...] If you are looking for my windows 7 smb post you can find it here: http://www.mostlyoperational.com/archive/?p=86 [...]