From https://lists.samba.org/archive/samba-technical/2017-June/121241.html: Found at the plugfest. The Apple MacOS X Sierra SMB2 server has a bug. It only supports NTLMv2 but doesn't negotiate it in the chal_flags returned to the client. Windows clients work as use NTLMv2 by default and ignore the negotiate but. Here is a patch that adds a tunable ntlmssp_client:force ntlmv2 (default off) that allows smbclient, libsmbclient and associated tools to still connect to the MacOS X Sierra SMB2 server. I'm ambivilent about this - this is a server bug, but until they fix it no Samba client tools can connect to this server without this fix. We get: ntlmssp_handle_neg_flags: Got challenge flags[0x22810205] - possible downgrade detected! missing_flags[0x00080000] - NT code 0x80090302 NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY SPNEGO(ntlmssp) login failed: NT code 0x80090302 session setup failed: NT code 0x80090302 Should I log a Samba bug ? Do we want this patch ? Comments welcome. Jeremy,
Created attachment 13307 [details] Possible patch for master
Created attachment 13321 [details] git-am fix for 4.6.next, 4.5.next. Cherry-picked from master.
(In reply to Jeremy Allison from comment #2) Pushed to autobuild-v4-{6,5}-test.
(In reply to Karolin Seeger from comment #3) Pushed to both branches. Closing out bug report. Thanks!