Aug 182012
 

So this week I had a client having massive problems connecting to SMB shares on their Mac Mini Server running Lion Server 10.7.4 using their Windows 7 workstation. This has happened several times to various clients running multiple versions of Windows and Mac OS X. This happens when attempting to connect to SMB shares on the OS X device from the Windows device. The error displayed on Windows is generally “The specified network password is not correct”. Of course you’ve checked the passwords, permissions, and verified that all other settings appear to be correct.

I was able to get the Windows workstation to connect to the Mac SMB share by altering the following settings on the Windows side:

If running the Pro versions of Windows 7 or Vista:

1. Click Start ---> Run --> secpol.msc
2. Browse to the following path: Local Policies --> Security Options --> Network Security: LAN Manager Authentication
3. Change NTLM2 responses only to LM and NTLM - use NTLMV2 session security if negotiated

If running the home version of Windows, there is no secpol.msc, so you must edit the registry instead using the following procedure:

1. Start --> Run --> regedit
2. Browse to HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa
3. Find the Key "LMCompatibilityLevel" and change the 3 to 1
4. Reboot your machine

The reason this is necessary is because of the way Vista, Windows 7, and newer versions of Windows handle NTLMv2 authentication. Other/older implementations of SMB/SAMBA don’t support this method of authentication and will return a password failure.

These instructions may also work when attempting to connect Windows systems to shares hosted by other NAS devices or Linux SMB shares.