IN THIS ARTICLE
Outlines how to change the NTLM authentication level in Windows to resolve failing SMB client connections to a Qumulo cluster
- Cluster running Qumulo Core version 2.6.0 or later
- Client running Windows 7 or later
Using an IP address to access a share on a Qumulo cluster requires the use of NTLM authentication. If a Windows client cannot connect with an IP address but can mount the share via the UNC path, the LmCompatibiltyLevel needs to be adjusted to NTLMv2. Once the change to NTLM authentication in the Windows registry is complete, client can successfully connect to a cluster using the NTLM authentication mechanism and an IP address. Before changing the NTLM Authentication level, confirm the issue first using the steps provided.
IMPORTANT: Before proceeding to change the level of NTLM Authentication, confirm the issue is not related to SMB signatures using the "System error 2148073478," "extended error," or "Invalid Signature" error message on SMB connections in Windows Server 2012 or Windows 8 article provided by Microsoft.
Confirm the Issue
- Attempt to mount SMB shares via the IP on your Windows client
- Verify that the returned error in the Windows UI is ambiguous and doesn’t specify a error code after a connection attempt
- Run the following command:
net use * \\cluster\share /user:username
- System Error 2148073478 has occurred is confirmation that the issue is related to NTLM Authentication in Windows
NOTE: Qumulo does not support LM or NTLMv1. Some environments and Windows clients are configured to run NTLMv1 which can be verified by running the net use command above.
Adjust NTLM Authentication Level
- Open regedit and Run as administrator
- Authenticate as Administrator
- Navigate to the following path:
- Double click LmCompatibiltyLevel to edit
- Change the value to 5
- Restart client computer for changes to take effect
- Verify the issue is resolved by attempting to mount SMB shares via the IP on your Windows client
You should now be able to successfully resolve failing SMB client connections by adjusting the NTLM Authentication level in Windows
Like what you see? Share this article with your network!