I’ve been a Synology DiskStation NAS user for four years now and used them as a SMB file server which is, among other things, accessed from various vintage clients (OS/2, DOS, Windows 9x, etc.). After upgrading to DSM 6, I found that these clients no longer work. That is to say, any attempt to connect fails because the credentials are rejected.
The problem is that DSM 6 (essentially customized Linux + Samba) by default no longer accepts old-style LAN Manager passwords. Fortunately it is not difficult to fix, but it is a multi-step process.
- If not already enabled, enable SSH access on the DiskStation and log in via your favorite SSH client.
- Edit
/etc/samba/smb.confwith sufficient privileges (withsudo vi, for example). In the[global]section, add a new line which sayslanman auth = yes - Depending on how old the clients are, it may be necessary to change the oldest supported protocol to
min protocol = LANMAN1(not needed for Windows 98 or NT 4 but required for DOS or OS/2) - Make sure the updated configuration is loaded (e.g.
sudo smbcontrol smbd reload-configor rebooting the DiskStation). - Recreate password hashes.
The final step is not very obvious. One reason why servers do not like old-style LAN Manager authentication is that the server needs to store a cryptographically weak password hash. Okay, you don’t care about that. But if old-style authentication is enabled, the password hashes need to be re-created because they won’t exist.
It may be enough to re-set the password in the DSM user interface. If it is not, run sudo smbpasswd -L -U <username> on the DiskStation. To check if passwords have LAN Manager hashes or not, you can run sudo cat /etc/samba/private/smbpasswd on the DiskStation. If the third colon-separated field has lots of XXXs there is no LANMan hash.
Note that this problem applies to fresh DSM 6 installations as well as DiskStations upgraded from DSM 5. With upgraded systems, there is a possibility that existing LANMan hashes might survive in the Samba password file; on new installs the hashes definitely have to be re-created.
I have a DiskStation DS414 and have always wondered why I had the same issue with older versions of Windows. Thank you for sharing this solution.
Well that explains why my old machines can’t map drives anymore! .. I haven’t had time to even begin to look, but thanks for doing the hard work for me!
Glad I could help — it was a bit of luck that I correctly guessed why my DOS VMs couldn’t get to the network shares after a DSM upgrade. And fortunately it’s more or less standard Samba, so not too hard to fix.
I remember having to change this setting on plain Linux machines a pretty long time ago. From searching the web, it looks like the default setting was changed in this way in Samba 3.2, which was released over 8 years ago! Lowering security like that sounds bad to me, but then I think most vendors that repackage open source projects do similar things.
Thanx! Works great! Now my vintage Win98 PC can access the NAS again 🙂
Thank you, works great with my Win98SE Machine!
How the heck do you edit?
I can log in as root, but how do I actually edit the file? Sorry I am not a Linux guy, just need some help.
Is there ‘vi’? Or ‘nano’? I’m sure I used vi, but I’m told that not everyone can do that.
Wow! This post (and its successor) really saved me from a lot of fiddling around getting a DOS/WfW 3.11 installation to properly access SMB shares on my Synology DS215j with DSM 6.2. THANKS MICHAL!!
Hi there,
this has solved my problem. I use also old MS-DOS, Windows 2 with Network and Windows 3.11 WfW. A long Time everything was fine. I had a DS413 first bought with DSM4 then upgraded to DSM5, i have used DSM5 a long time many years, and if i upgraded to DSM6.2 nothing has worked anymore with the old clients.
You MUST a do this work around Step by STEP and you MUST do every Step do it ! and then it works totaly fine.
Now i can connect via MS-DOS to DSM6.2 and that saves my life, because downgrading on DSM is not possible.