1/11/2012
You must be using FacetWin Version 4.0.o (Build 486) or later. This contains the latest improvements for working with Windows 7
Many FacetWin users find that upgrading to Windows 7 or 2008 will cause problems with SMB connections both to and from the UNIX server. SMB connections to the UNIX server include mapping a drive from a PC to the UNIX server or browsing the shares.
If you are have problems with remote printers, then skip to the last section which covers problems with SMB connections from the UNIX server to Windows 7 or 2008.
LANMAN, Plain Text Password, RHOST and Trusted server security methods for FacetWin will not work for Windows 7 or 2008 as it normally does with Windows 2000, XP or 2003. For any of the FacetWin security methods, the following changes need to be made to the Windows 7 or 2008 side to connect to the UNIX server.
1) On the Windows 7 or 2008 PC TCP/IP Properties, "Enable WINS" with the UNIX server's IP address and "Enable NetBIOS over TCP/IP".
2) Administrative Tools->
Local Security Policy->
Local Policies->
Security Options->
Network access: Sharing and security model for local accounts->
Enable Classic: local users authenticate as themselves
3) Administrative Tools->
Local Security Policy->
Local Policies->
Security Options->
Network security: LAN Manager authentication level->
Enable Send LM & NTLM responses
4) Administrative Tools->
Local Security Policy->
Local Policies->
Security Options->
Network security: Minimum session security for NTLM SSP->
Disable Require 128-bit encryption (client)
5) Administrative Tools->
Local Security Policy->
Local Policies->
Security Options->
Network security: Minimum session security for NTLM SSP->
Disable Require 128-bit encryption (server)
5) Reboot the Windows 7 or 2008 PC.
The following security option is necessary in addition to the above security options changes if using the UNIX security method
Administrative Tools->
Local Security Policy->
Local Policies->
Security Options->
Microsoft network client: Send unencrypted passwords to third-party SMB servers: Enabled
Apply change and then reboot Windows 7 or 2008.
Remote printing no longer works "out of the box" with Windows 7 or 2008.
A change needs to be made to allow connections from the UNIX server to
the shared printer. The change is to disable digitally
signed communications in addition to the above security options changes.
Administrative Tools->
Local Security Policy->
Local Policies->
Security Options->
Microsoft Network Client: Digitally sign communications (always): Disabled
Administrative Tools->
Local Security Policy->
Local Policies->
Security Options->
Microsoft Network Server: Digitally sign communications (always): Disabled
Apply change and then reboot Windows 7 or 2008.
NOTE: If your Windows 2008 Server is functioning as a domain controller, you will not see a Local Security Policy under Administrative Tools. Instead, you will see Domain Controller Security and Domain Security Policy. To affect connections to or from the domain controller select Domain Controller where Local Security Policy is specified above.
You should now be able to connect to FacetWin File & Print services using Windows 7 or 2008. If you have any problems,
and 2008. If you must upgrade, do so to the current FacetWin release to take advantage of latest improvements and optimizations.
The Problem
SMB Connections To The UNIX Server
NOTE: If this is a Home Edition, paste the following lines shown between # signs to a registry file named "win7-2008.reg" save it
and then run it.
###################################################################
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"LmCompatibilityLevel"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0]
"NtlmMinClientSec"=dword:00000000
"NtlmMinServerSec"=dword:00000000
###################################################################
To Enable Plain Text Password Connections On Windows 7 or 2008
for File & Print services on the UNIX server.
NOTE: If this is a Home Edition, paste the following lines shown between # signs to a registry file named "win7-2008.reg" save it
and then run it.
###################################################################################
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanWorkStation\parameters]
"EnablePlainTextPassword"=dword:00000001
###################################################################################
SMB Connection To Windows 7 or 2008
check the UNIX syslog file for errors and please contact FacetCorp technical support for assistance.