Managing SMB Configuration Properties

The SMB server and the SMB client use the sharectl command to manage configuration properties. For descriptions of the SMB client and server properties, see the sharectl(8) and smb(5) man pages.

The sharectl command is used throughout the configuration process to set and view properties. This command and examples of its use are described in Setting Up an Oracle Solaris SMB Server to Manage and Share Files and Using SMB File Sharing on Client Systems.

Note:

When the smb/server_auth_level value is 4, the Oracle Solaris SMB server accepts both NTLM and NTLMv2 authentication mechanisms for local user authentication. When clients initiate NTLM authentication, the Oracle Solaris SMB server is required to use DES encryption algorithm for hashing the incoming password hashes. DES is known to be less secure than HMAC-MD5, which is used in generating NTLMv2 challenge responses.

Note:

The default value for smb/server_auth_level has changed from 4 to 5. This change is made to limit the use of the less secure DES encryption mechanism for local user authentication. With the new default value, Oracle Solaris SMB server accepts only NTLMv2 authentication mechanisms for local user authentication. With this change, there is no impact to Windows clients running Windows Vista and later versions assuming the LMCompatibilityLevel registry setting is not down-level. However, Windows clients running a Windows OS version prior to Vista will require the LMCompatibilityLevel registry setting to be raised to 3 or higher in order to be successfully authenticated by the Oracle Solaris SMB server. For Domain users connecting to the Oracle Solaris SMB server, the AD domain controller will establish and enforce the required authentication level.