Many Samba servers do not support authenticating with encrypted passwords. Windows, on the other hand, defaults to transmitting encrypted passwords. In order to connect Windows to a Samba server, either the Samba server must accept encrypted passwords (the configuration of which can range from mildly painful to near impossible), or Windows must send passwords as plain text (which poses a higher security risk).
For my home network and my Samba-based networked file shares, it’s frankly easier to just configure Windows to transmit plain text passwords.
Windows Vista and Windows 7:
Go to Start > Control Panel > Administrative Tools > Local Security Policy > Local Policies > Security Options and enable “Microsoft Network Client: Send unencrypted password to third-party SMB servers.” While you’re there, also change “Network Security: LAN Manager authentication level” setting to “Send LM and NTLM – use NTLMv2 session security if negotiated.” This works on the Business edition. These instructions should also work on the Enterprise and Ultimate versions, but the Home editions of Vista do not allow UI access to Local Security Policy and you’ll have to edit the registry manually.
If you have to configure the registry manually, start regedit.exe, and browse to [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanWorkStation\parameters], and set “EnablePlainTextPassword” with a DWORD value of 1.
Windows XP:
Mostly the same as for Vista. Go to Start > Control Panel > Administrative Tools > Local Security Policy > Local Policies > Security Options and enable “Microsoft Network Client: Send unencrypted password to third-party SMB servers.” If you must configure the registry manually, follow the instructions for Windows Vista above. Some machines running XP SP3 with certain security patches (such as KB2536276 from June 2011) may be unable to connect with plain-text passwords to some Samba servers.
Windows 98:
Start regedit.exe, and add the following key with a DWORD value of 1 to [My Computer\HKEY Local Machine\System\CurrentControlSet\Services\VxD\VNETSUP\EnablePlainTextPassword].
You should reboot Windows after following any of the instructions above.
Author’s Note: No, I was not clairvoyant in 2002 — I added new notes for WinXP SP3 and added mention of Windows 7 during a 2012 revision.
I frequently find myself writing small How-To snippets like this one, not necessarily because I have a compelling desire to inform the public in general on some esoteric technology topic — more often than not, I simply can’t remember all the nitty-gritty details myself, so I write the instructions down here for me to remember.
We all benefit from my holey memory.
Thanks so much for the info on disabling encrypted passwords. This worked great on Windows XP. I have a PC running Windows Vista Home edition. As you state I can’t apply this approach there. Can you give me a little guideance on how to edit the registry manually?
UPDATE: Added instructions for Windows Vista.