Connect Windows Vista to Fedora 9 Linux Samba
The main difficulty in connecting Vista to Linux Samba shares is with default authentication. Basically, Vista requires a stronger default authentication method than previous versions of Windows: NTLMv2, which is a good thing overall, but it can cause some problems when trying to connect to old versions of Windows or Linux/Samba. There are basically two ways around this: change Vista's authentication setting or change Samba's authentication setting. I made a few changes to my fresh Fedora 9 installation to minimize potential problems: I disabled selinux and iptables.
Change Samba's Default Authentication
Here is my current running configuration in the Windows registry:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"lmcompatibilitylevel"=dword:00000003
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0]
"NtlmMinClientSec"=dword:00000000
"NtlmMinSeverSec"=dword:00000000
Here is my current smb.conf:
client schannel = Auto
server schannel = Auto
lanman auth = No
ntlm auth = No
client NTLMv2 auth = Yes
client lanman auth = No
client plaintext auth = No
[global]
workgroup = Workgroup
server string = Samba Server Version %v
log file = /var/log/samba/log.%m
max log size = 50
security = user
passdb backend = tdbsam
load printers = no
cups options = raw
#============================ Share Definitions ==============================
[homes]
comment = Home Directories
browseable = no
writable = yes
; valid users = %S
; valid users = MYDOMAIN\%S
# A publicly accessible directory, but read only, except for people in
# the "staff" group
[share]
comment = Shared Stuff
path = /sharedfolder
public = yes
writable = yes
printable = no
write list = +staff
Change Vista's Default Authentication
I also had success with this configuration in the Windows registry:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"lmcompatibilitylevel"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0]
"NtlmMinClientSec"=dword:00000000
"NtlmMinSeverSec"=dword:00000000
Here was smb.conf:
[global]
workgroup = Workgroup
server string = Samba Server Version %v
log file = /var/log/samba/log.%m
max log size = 50
security = user
passdb backend = tdbsam
load printers = no
cups options = raw
#============================ Share Definitions ==============================
[homes]
comment = Home Directories
browseable = no
writable = yes
; valid users = %S
; valid users = MYDOMAIN\%S
# A publicly accessible directory, but read only, except for people in
# the "staff" group
[share]
comment = Shared Stuff
path = /sharedfolder
public = yes
writable = yes
printable = no
write list = +staff
To connect to this share in Vista, Start->Computer, type \\hostname\share into the address bar, then enter the username and password. This syntax also works when mapping a network drive, but make sure to use the correct username and password for the mapped drive (click "Connect using a different user name") to make sure the association is correct.