History:
Was trying to run powershell scrips to rename folders but it couldn’t access files and folders for some reason, and a suggestion given was to re-map the drive via powershell.
as when " Get-PSDrive" was executed it didn’t show the mapped drive, but when I tried mapping in powershell it says it was already in use.
So I deleted the mapping via powershell and tried remapping, but it wouldn’t take the user/password originally used, but it would take a secondary one.
Problem:
I thought that was odd; so I tried longing in via the web UI and it worked. I restarted the computer and the truenas machine and now both initial login and back login doesn’t work to map the drive. (password incorrect prompt)
I can access via another machine so i think it’s just the PC where i tried to delete and map via powershell that screwed something up. there was also a previous suggestion to edit a gpedit; but that didn’t work so now I’m trying to find that thread to undo; but it was an undefined value before so this might be interesting.
iv’e tried logging in via just the network drive folder but that wouldn’t take the user/pass either anymore
There Is the possibility that TN and this client PC are using a different security level, so the password Is rejected.
By default TN reject ntlmv1, you can test if this Is the case just checking ntlm v1 auth into the SMB config → restart service, but in case you have to set ntlm v2 in the client PC because v1 Is really really old and unsafe
Oh hey that “ntlm” looks familiar, i before i had went into the windows (client PC) and had it only take ntlm v2 and before was undefined; which one should i set it to:https://4sysops.com/wp-content/uploads/2024/06/Group-Policy-setting-for-NTLM-security-levels.png Do i pick the second one off that list?
Also. is there a way i go see if that’s the reason on TN and re-configure if needed?
Afaik you should pick the last one from the list Send NTLMv2 response only. Refuse LM & NTLM
On TN you shouldn’t need anythning fancy to set, the default settings work for most use cases.
Odd that you previously set ntlmv2 and get credential errors, my previous suggestion was to quickly check if my suppose was right (because, changing on the client need pc restart, instead restart SMB is faster).
Also, can be worth too delete the credentials on the pc (if you checked "save credential or pass some argument to the command to do that) and add them again
This is the details i’m getting:
Logon Id: ‘0’
Logon Type: 3
Local Address: ipv4:192.168.0.xx:445
Remote Address: ipv4:192.168.0.x1:4585
Service Description: SMB2
Auth Description: Null
Client Domain: DESKtop
Client Account: admin
Workstation: DESKTOP
Became Account: Null
Became Domain: Null
Became Sid: Null
Mapped Account: admin
Mapped Domain: DESKTOP
Netlogon Computer: Null
Netlogon Trust Account: Null
Netlogon Negotiate Flags: ‘0x00000000’
Netlogon Secure Channel Type: 0
Netlogon Trust Account Sid: Null
Password Type: NTLMv1
Client Policy Access Check: Null
Server Policy Access Check: Null
Vers:
Major: 0
Minor: 1
Result:
Type: NTSTATUS
Value Raw: 3221225572
Value Parsed: NT_STATUS_NO_SUCH_USER
and looks like is it NTLMv1 and it looks like the old logs show NTLMv2 is there a way to force convert it?
[info in case, admin is a created admin/user account ie since root was deprecated?]
Did some more tests, even though it says no such user;
when i tried from a second computer and a second user that was previously created it was fine; but when i try that user on my first computer it says wrong password
edit 3: tried from 3rd PC, couldn’t login with initial ID (admin). After restart the second login worked (had to restart for some reason it wouldn’t take if i had tried the first login first) so i wonder if my powershell in deleting the mapped drive f’d some up indrectly.
Configure your client to not do that. If this is windows, it’s controlled by a registry setting. You may also want to investigate why the incorrect setting is present (since this may be malicious).
to be fair there’s no real way i can investigate; the powershell usage may be a bit misleading of how system savvy i am; but i was using google/gemenai to solve a renmaing issue. which indirectly caused this issue. basically worse come to worse i would just reinstall my main PC and hope that works. but i’m hoping to solve it without going through all that hassle.
That’s why i ask how to do this “Configure your client to not do that. If this is windows, it’s controlled by a registry setting.” specifically so i don’t google and find the wrong thing and mess something else up instead.
Thanks for the steps, saw that TN didn’t have the ntlm v1 ticked; but that config didn’t work overall. I created a new user in the same group and that worked.
