I have a Windows 2012 samba share set up. When I right click on the share, go to properties, then settings, I have the box checked marked "Encrypt data access"
When this box is checked, I cannot connect to it from Linux. If I uncheck the box, it can connect just fine. Here is the command I use to mount the share.
sudo mount.cifs -o username=Administrator //fileserv01/smb-encrypted /tmp
Using smbclient, I can connect just fine, whether encrypted or not by specifying SMB3 with the -m option…
smbclient -m SMB3 //fileserv01/smb-encrypted -U Administrator
Also I tested with a Windows 7 VM and the Windows 7 VM couldn't connect while encrypted, but could when it was not encrypted.
Is there a workaround for this?
Best Answer
SMB3 is the version of Server Message Block functionality that Windows 8 and 2012 use out of the box. Among other things, they layer stronger encryption over the existing basic encryption provided by previous versions.
Windows 7, being older, does not have this capability, the latest version it can "talk" is SMB2. You would need to enable SMBv2 on the Windows server to allow the Windows 7 clients to connect to its shares. Excruciating detail here: https://support.microsoft.com/en-us/kb/2696547
The part you probably want is this bit:
Set-SmbServerConfiguration -EnableSMB2Protocol $true
(Assuming you want to do this. Which you may not because it does reduce the quality of encryption between client and server if you are not using SMB3.)