Samba Settings

You can perform the following operations on this screen.

  • You can turn NTLMV1 protocol on/off.

  • You can turn SMB1 protocol on/off.

  • You can manage your DNS records by changing your Directory Topology selection (Star/Hub-Spoke).

  • With the Save deleted LDAP objects option, you can retrospectively view the data your users have deleted.

  • You can add or delete allowed or blocked host records.

Samba Settings

Warning

Turning the SMB1 protocol on will cause security problems. NOT RECOMMENDED.

Note

What is SMB? SMB (Server Message Block) protocol; It is a protocol that transfers bulk data between networks in a secure and encrypted manner. We can usually see SMB data packets under the following headings;

  • Session Control Packages

  • File Access Packages

  • General Message Packages

SMB Versions? (SMBv1, SMBv2, SMBv3)

  • SMBv1 This protocol, created by IBM in the 1980s, can carry small data in 16-bit packets, well below today’s standards. SMBv1 does not have any encryption, making it insecure. However, today only peripherals (Printer, Scanner, etc.) that support the SMBv1 protocol are used.

  • SMBv2; It is a newer technology than SMBv1. The fact that it pulls data packets into 32-bit packets (or even 128-bit packets for file descriptors) is a significant improvement. In addition, performance improvement was achieved by reducing the number of subcommands from around 100 in SMBv1 to 20.

  • SMBv3; It includes security improvements such as strengthening secure connections with newer clients and stronger encryption protocols. SambaBox uses the SMBv3 protocol by default.

Warning

Turning the NTLMV1 protocol on will cause security issues and is NOT RECOMMENDED.

Note

What is NTLM (NT LAN Manager)? NTLMv1 and NTLMv2 are two different versions of NTLM authentication protocols with their own security levels.

NTLMv1 (NTLM version 1):

  • Security Level: NTLMv1 is considered less secure than NTLMv2.

  • Authentication Process: When a user logs in using NTLMv1, their password is hashed and sent over the network to the server or domain controller. The server also stores the password in an encrypted format. The server then verifies the user’s identity by comparing it with the encrypted data.

  • Weaknesses: NTLMv1 is vulnerable to certain attacks, such as a “pass-the-hash” attack. In this type of attack, the attacker can capture the hashed password and use it to gain unauthorized access.

  • Compatibility: NTLMv1 is still supported for backward compatibility with legacy systems, but NTLMv2 is recommended.

NTLMv2 (NTLM version 2):

  • Security Level: NTLMv2 is considered a more secure version than NTLM.

  • Authentication Process: NTLMv2 increases security by using a more complex encryption process and adding a time-based factor to the authentication process. It also requires the client and server to exchange challenge-response messages to verify identity.

  • Weaknesses: NTLMv2 is more secure than NTLM, but is still vulnerable to certain attacks, such as brute force attacks. However, it significantly reduces the risk compared to NTLM.

  • Compatibility: NTLMv2 is the recommended authentication protocol for directory solutions. It provides better security features and is less susceptible to attacks.

To summarize, NTLMv2 is a more secure and modern version of the NTLM authentication protocol. By including additional security measures, it is less vulnerable to various types of attacks than NTLMv1. It is recommended that you use NTLMv2 whenever possible to increase the security of your directory server network.