I’ve been a Synology DiskStation NAS user for four years now and used them as a SMB file server which is, among other things, accessed from various vintage clients (OS/2, DOS, Windows 9x, etc.). After upgrading to DSM 6, I found that these clients no longer work. That is to say, any attempt to connect fails because the credentials are rejected.
The problem is that DSM 6 (essentially customized Linux + Samba) by default no longer accepts old-style LAN Manager passwords. Fortunately it is not difficult to fix, but it is a multi-step process.
- If not already enabled, enable SSH access on the DiskStation and log in via your favorite SSH client.
/etc/samba/smb.confwith sufficient privileges (with
sudo vi, for example). In the
[global]section, add a new line which says
lanman auth = yes
- Make sure the updated configuration is loaded (e.g.
sudo smbcontrol smbd reload-configor rebooting the DiskStation).
- Recreate password hashes.
The final step is not very obvious. One reason why servers do not like old-style LAN Manager authentication is that the server needs to store a cryptographically weak password hash. Okay, you don’t care about that. But if old-style authentication is enabled, the password hashes need to be re-created because they won’t exist.
It may be enough to re-set the password in the DSM user interface. If it is not, run
sudo smbpasswd -L -U <username> on the DiskStation. To check if passwords have LAN Manager hashes or not, you can run
sudo cat /etc/samba/private/smbpasswd on the DiskStation. If the third colon-separated field has lots of XXXs there is no LANMan hash.
Note that this problem applies to fresh DSM 6 installations as well as DiskStations upgraded from DSM 5. With upgraded systems, there is a possibility that existing LANMan hashes might survive in the Samba password file; on new installs the hashes definitely have to be re-created.