It could be that your Windows 10 client is now trying to implicitly authenticate using DOMAIN\username
when you try to access the share.
Does the Raspberry Pi3 have a hostname/NETBIOS name in the samba configuration (under the global config section)? If so, you could try specifying SAMBA_NETBIOSNAME\username
when you try to authenticate to access the share.
UPDATE:
Based on the config you provided I would suggest adding netbios name = pi3
or something to that effect and then trying to sign in with pi3\username
.
You might also try playing with some of the other authentication settings found in the documentation for SAMBA. Note that you'll probably have to restart the samba daemon after making changes to the config.
For example, you might try adding auth methods = guest sam winbind
noting that guest
allows anonymous access. That way you could isolate the problem between a configuration problem and an authentication problem (assuming anonymous access would be used when you can't authenticate - I'm rusty on my SAMBA skills).
In other words, as long as you can get in with guest enabled then we know at least the v1,2,3 piece is working and you can focus on the authentication settings. Once you've finally got the settings working for non-guest access you should remove the guest access to prevent unauthorized access to your share(s).
I'd also consider adding settings to force the ntlm auth
, lanman auth
, server schannel
, and server signing
settings to mirror the settings in your Windows client.
To check the equivalent Windows settings, run "secpol.msc" and check the settings under:
Security Settings
Local Polices
Security Options
- Microsoft network client: *
- Network security: *
Microsoft network client: Digitally encrypt or sign secure channel data (always)
Microsoft network client: Digitally encrypt secure channel data (when possible)
Microsoft network client: Digitally sign secure channel data (when possible)
These settings dictate what the server schannel
and server signing
settings should be in your samba config.
Network security: LAN Manager authentication level
This setting dictates what the ntlm auth
and lanman auth
settings should be in your samba config.
For example, Send NTLMv2 response only. Refuse LM & NTLM
in your Windows settings is equivalent to ntlm auth = no
and lanman auth = no
in your samba config.
NOTE: I don't recommend changing your Windows settings unless you're comfortable troubleshooting authentication issues with the domain afterwards.
Best Answer
Unfortunately, it is not possible as windows does only support ports 445 and 139
You might be able to use ssh tunneling. Here is a reference using windows and linux: https://www.ocf.berkeley.edu/~xuanluo/sshproxywin.html