Solved

Accessing a XFS share from Windows 7 Pro...

Posted on 2011-09-08
12
1,208 Views
Last Modified: 2012-05-12
I have a Windows 2003 AD network.

99% of my clients are XP Pro -I am just getting into Win 7 Pro.

I have two "Buffalo" Brand NAS boxes that run an XFS file system; I am told it is some version of Samba, but I am not sure.

The Buffalo boxes are AD aware, and integrate with AD to allow me to use user and group accounts for access control on the NAS.

I had some issues with all my machines and permissions on these NAS boxes. Once these issues were solved, the only machines I have left that are ahving issues are my two Win 7 machines.

Basically, my login script connects my clients to several network locations; three connections are all to the same Buffalo box, connecting to three different shares.

The script stops at the line for the Buffalo NAS, and says the user name or password is incorrect, allowing me to type in in manually.

In short, the only option that works is if the NAS is set to share with no access control set at all... Otherwise, I get a prompt to insert a password, non of which seems to do any good.

How can I access this NAS data from this new fangled Windows 7 thing...

Thanks in advance
0
Comment
Question by:RKoons
  • 6
  • 4
12 Comments
 
LVL 4

Expert Comment

by:klodefactor
ID: 36507614
How old is the Buffalo NAS (and its version of Samba)?  This may be due to Windows 7 forcing the use of NTLMv2 for authentication.

You can change the way Win7 authenticates by editing the registry.  Editing the registry can be dangerous if you make a mistake; be careful.

Both of the following keys should be set to "1":
HKLM\System\CurrentControlSet\Control\Lsa\LmCompatibilityLevel
HKLM\System\ControlSet001\Control\Lsa\LmCompatibilityLevel
This tells Win7 to use NTLMv2 only if negotiated, otherwise to fall back to LM and NTLM.  Note that this change affects security on your network, so decide whether the trade-off is worth it to you.

--klodefactor
0
 
LVL 1

Author Comment

by:RKoons
ID: 36522989
The NAS is about 3-5 years old, and I'm not sure which version the NAS OS is. I tried the suggestions and the first one was not set to 1, but the change did not make any difference.

Thanks anyway
0
 
LVL 4

Expert Comment

by:klodefactor
ID: 36523453
I forgot to mention that you have to reboot after making that registry change.  If you haven't already, please do so and try again.

I also forgot to ask whether you'd reviewed the Buffalo NAS logs (and maybe enabled extra debugging output if that feature is available).  Also, have you reviewed the event logs on the AD server?

If that doesn't work and it were me with this problem, I'd probably break out the packet sniffer next.  Are you comfortable doing so?

--klodefactor
0
Master Your Team's Linux and Cloud Stack!

The average business loses $13.5M per year to ineffective training (per 1,000 employees). Keep ahead of the competition and combine in-person quality with online cost and flexibility by training with Linux Academy.

 
LVL 1

Author Comment

by:RKoons
ID: 36529298
Re-booting did not help...

There are no logs on this NAS...

I don't mind using a snifer, but I don't have alot of experence reading data from one, and I don't have one handy.

Is there something I can download to use for this purpose?
0
 
LVL 59

Expert Comment

by:LeeTutor
ID: 36969886
I've requested that this question be deleted for the following reason:

This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0
 
LVL 1

Author Comment

by:RKoons
ID: 36968707
I have come the the conclusion that this version of Buffalo is just too old for a Win 7 device to connect to.

I will have to try another option
0
 
LVL 4

Expert Comment

by:klodefactor
ID: 36969872
I encountered a similar problem just yesterday from my MS Windows 7 PC, connecting to a very old Samba server.  Given that your Buffalo NAS likely uses Samba, read on.

A colleague tells me there are two possible causes.

Can you tell me whether you're trying to access the UNC path (e.g. \\servername\sharename), or are you trying to map a drive letter?  Apparently mapping a drive letter may work even if accessing the UNC path fails.

Otherwise the probable cause is  Microsoft SMB patch that broke access to old Samba servers, if they're configured to use unencrypted passwords.  There were different problems depending on whether the client was Windows XP or Win 7.  Details are at http://support.microsoft.com/kb/2536276, but in summary, try uninstalling security update 2536276, then reboot, then check whether that fixes the problem.  Note that you may have to uninstall the security update twice in a row due to a weird problem described int the KB article.

If removing the security update fixes the problem, you really should re-install the update, then reconfigure the Buffalo NAS to use encrypted passwords.

--klodefactor
0
 
LVL 4

Expert Comment

by:klodefactor
ID: 36969887
Just yesterday I came across a possible cause and workaround for the problem, which I've added to the question.
0
 
LVL 4

Expert Comment

by:klodefactor
ID: 36969913
I forgot to mention that the MS patch on Windows XP systems revealed a bug in Samba, which has since been fixed.

Did you check for updated software for the Buffalo NAS itself?

--klodefactor
0
 
LVL 1

Author Comment

by:RKoons
ID: 37059798
I removed the patch from my test workstation. This did not resolve the issue.

I also checked the firmware on the Buffalo NAS, and the version I am running is current; there are no additional updates.

The login script I am using is written as follows:

"NET USE G: \\Kchgo-bnas01\Photos-AP"  

Finally, This version of Buffalo - Firmware does not have an encrypted option.

I think ultimatly I am going to need to break down and get a newer device in this location.
0
 
LVL 4

Accepted Solution

by:
klodefactor earned 500 total points
ID: 37073216
Reading back over the thread, it's odd that changing the registry key didn't help.  That's exactly what I had to do in a similar environment.

I think you might be right about updating your NAS.  Unless you feel like trying Wireshark, which is the network packet analysis tool I mentioned earlier.  We could at least see whether your Win7 box is still forcing NTLMv2 for some reason.

BTW I don't know the Experts Exchange policy, but sometimes the only solution is "there is no solution".  Please consider that when deciding whether to abandon the question, or to award points :-).

--klodefactor
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

​Being a Managed Services Provider (MSP) has presented you  with challenges in the past— and by meeting those challenges you’ve reaped the rewards of success.  In 2014, challenges and rewards remain; but as the Internet and business environment evol…
When you try to extract and to view the contents of a Microsoft Update Standalone Package (MSU) for Windows Vista, you cannot extract the files from the MSU. Here we are going to explain how to extract those hotfix details without using any third pa…
This Micro Tutorial will give you a introduction in two parts how to utilize Windows Live Movie Maker to its maximum capability. This will be demonstrated using Windows Live Movie Maker on Windows 7 operating system.
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question