Created attachment 13617 [details]
Wireshark capture of login attempt
With the current Samba default "ntlm auth" setting of ntlmv2-only, authentication fails from Windows 10 clients if they have "Network security: LAN Manager authentication level" set to "Send LM & NTLM - use NTLMv2 session security if negotiated.
I am able to authenticate if I change "ntlm auth" to ntlmv1-permitted, or if I change the Windows "Network security: LAN Manager authentication level" policy to "Send NTLMv2 response only".
Created attachment 13618 [details]
Debug level 10 log
I think this is actually the expected result.
NTLMv2 Session Security, is not full "NTLMv2" authentication.
it's just NTLMv1 + a bit more advanced session key generation.
Please reopen if you really think it's a bug.