When dealing with mixed Windows environments accessing Samba shares, Windows 7 often presents unique authentication challenges. The scenario where XP/Vista machines successfully authenticate while Windows 7 fails with "The specified network password is not correct" typically points to protocol negotiation issues.
Windows 7 by default uses NTLMv2 authentication, which may conflict with older Samba configurations. First, verify the Samba server's supported protocols:
# On Linux Samba server
testparm -s | grep "ntlm auth"
For Windows 7, check the local security policy settings that affect SMB:
# PowerShell command to check current settings
Get-ItemProperty "HKLM:\SYSTEM\CurrentControlSet\Control\Lsa" |
Select-Object LmCompatibilityLevel
Try these solutions in order of preference:
Option 1: Modify Windows 7 Registry
Create a .reg file with these contents:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"LmCompatibilityLevel"=dword:00000001
Option 2: Samba Configuration Adjustment
If you can access smb.conf, add these parameters:
[global]
client ntlmv2 auth = yes
client use spnego = no
Option 3: Alternative Connection Methods
Try mounting with explicit protocol specification:
net use Z: \\192.168.0.20\Smd /user:username password /persistent:yes /savecred
When basic fixes fail, collect these diagnostic outputs:
From Windows 7 (Command Prompt):
nltest /sc_query:ADDONICS_NAS
Packet capture analysis (requires Wireshark):
Filter: smb || nbns || nbss
- Ensure consistent time synchronization (NTP)
- Standardize credential formats (DOMAIN\user vs. user@domain)
- Document exact SMB protocol versions supported
When dealing with NAS devices running Samba services, we often encounter authentication inconsistencies across Windows versions. Here's what's particularly puzzling:
# Working on Windows XP/Vista
net use l: \\192.168.0.20\Smd /user:username password
# Failing on Windows 7 (same credentials)
System error 86 has occurred: The specified network password is not correct
Windows 7 introduced stricter security defaults that can break compatibility with older SMB implementations:
- SMB2 as default protocol (instead of SMB1)
- NTLMv2 requirement (instead of LM/NTLM)
- Different password encryption hashing
For NAS devices that can't update their Samba implementation, we can modify Windows 7's security policy:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"LmCompatibilityLevel"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0]
"NtlmMinClientSec"=dword:00000000
"RestrictSendingNTLMTraffic"=dword:00000000
Save as smbfix.reg and merge, then restart the computer.
Instead of net use, try these PowerShell alternatives:
# Method 1: Explicit credential object
$cred = New-Object System.Management.Automation.PSCredential("username", (ConvertTo-SecureString "password" -AsPlainText -Force))
New-PSDrive -Name "L" -PSProvider "FileSystem" -Root "\\192.168.0.20\Smd" -Credential $cred -Persist
# Method 2: Using cmdkey to store credentials first
cmdkey /add:192.168.0.20 /user:username /pass:password
net use l: \\192.168.0.20\Smd
Verify these Windows 7 network settings:
- Ensure "Network Discovery" is turned on in Network and Sharing Center
- Check that the workgroup name matches your NAS workgroup
- Disable IPv6 if not needed (some NAS devices have issues with it)
If you have access to the Samba config (smb.conf), add these parameters:
[global]
client min protocol = NT1
server min protocol = NT1
ntlm auth = yes
lanman auth = yes
When all else fails, capture network traffic to identify the authentication failure point:
# Capture filter for SMB traffic
wireshark -i "Ethernet" -f "port 445 and host 192.168.0.20" -w smb_capture.pcapng
# Look specifically for Session Setup AndX requests and responses
# Pay attention to NTLMSSP negotiation packets
Common packet analysis findings include mismatched protocol versions or rejected authentication tokens.