14322 – Server not accessible when config option "server max protocol = NT1" specified

Bug 14322 - Server not accessible when config option "server max protocol = NT1" specified

Summary: Server not accessible when config option "server max protocol = NT1" specified

Status:	RESOLVED INVALID

Alias:	None

Product:	Samba 4.1 and newer
Classification:	Unclassified
Component:	File services (show other bugs)
Version:	4.11.7
Hardware:	All Linux

Importance:	P5 major (vote)
Target Milestone:	---
Assignee:	Samba QA Contact
QA Contact:	Samba QA Contact

URL:
Keywords:

Depends on:
Blocks:

Reported:	2020-03-18 19:24 UTC by Carsten Menke
Modified:	2021-02-10 12:36 UTC (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Carsten Menke 2020-03-18 19:24:27 UTC

We recently upgraded from Samba 4.9 to Samba 4.11.7 after upgrading the clients (Windows 7 and Windows 10) failed to access the network shares. We tracked this down that the config option server max protocol = NT1 is responsible for this

After commenting out "server max protocol = NT1" Access works, unfortunately we really need SMB1 support as our main Application doesn't work in SMB2 reliably.

So our only option is to downgrade to 4.9 right now

Comment 1 Jeremy Allison 2020-03-18 19:28:39 UTC

I'm confused. Once you've upgraded the clients, aren't they then using SMB2 to access the server ? Which would explain why they're not accessing the Samba server.

You need to provide more info, network traces etc. showing what is going on here and what you expect before any progress can be made.

Comment 2 Stefan Metzmacher 2020-03-20 12:04:29 UTC

(In reply to Carsten Menke from comment #0)

If you use "server max protocol = NT1", you also need "server min protocol = NT1".
As the default for "server min protocol" changed to "SMB2_02"
and as result your max protocol is lower than min protocol.

But why are you disabling SMB2/3 for modern clients?

Comment 3 Carsten Menke 2020-03-31 06:58:47 UTC

(In reply to Jeremy Allison from comment #1)

This was just not very good described, this is just what we have done in order while maintaining our network. So the problem is not that the clients are not able to speak SMB2 but that the Application running on the clients is an old DBASE Application which really has problems on SMB2.

So what traces do you exactly need? I can provide them

Setting 

server min protocol = NT1 or LANMAN 
server max protocol = NT1

doesn't help I've tested this. Basically you can just put

server min protocol = NT1
server max protocol = NT1

to your smb.conf and then you will not be able to access any shares (tested with Windows 10) so it's simple to reproduce

Comment 4 Björn Jacke 2021-01-27 14:54:47 UTC

the application in the windows client doesn't care about the SMB protocol that the client OS speaks. You probably have  a different kind of problem there with your old DBASE application then. Bugzilla is not suitable to help debug such problems, your best option would probably be some kind of commercial support, who is able to help debug your issue deepöy, see

Comment 5 Björn Jacke 2021-01-27 14:56:12 UTC

(pressed save too early)
see https://www.samba.org/samba/support/globalsupport.html for good options for commercial support options.

Comment 6 Björn Jacke 2021-02-10 12:36:09 UTC

some links just for reference:

https://www.quora.com/Can-Dbase-3-work-on-Windows-10
https://cantaria.de/dbase-tricks/alte-dbase-versionen-mit-windows-10/

It's probably a good idea to stop using those decates DOS based, unmaintained database applications.