Support new options for Samba 4 plugin

[Lewis Rosenthal]

We need to include support for the following options which are fully supported by the plugin under Samba 4:

Support encryption Support NLMv1 Supports EA Supports KRB5

When Kerberos auth is supported, username and password fields should be greyed out.

The need for NTLMv1 cannot be stressed strongly enough, as the default encryption in Samba 4 is now NTLMv2, and connecting to an NTLMv1 server (NetWare CIFS) will fail without this toggle.

ArcaOS will not be shipping the full NetDrive, so no Control Panel will be available. ArcaMapper will be the only GUI tool in the product.

[Lewis Rosenthal]

Valid authentication options for the Samba 4 client plugin:

Support Kerberos5 Support Kerberos5 + Support encryption

or

Support NTLMv1

Further:

NTLMv1 cannot be used with encryption or KRB5. EA support is fine for all types of authentication and transports, as is the read-only option, and of course, creation of mountpoint, even when connection fails.

Incompatible options need to be greyed out when they conflict. So, when a connection has NTLMv1 set, KRB5 and encryption should be greyed. To make them available, NTLMv1 should be unchecked. Once either of the other two is checked, NTLMv1 should be greyed out.

[Lewis Rosenthal]

It seems that when NTLMv1 is enabled, the command passed to NetDrive is actually missing:

KRB5SUPPORT=0;NTLMv1SUPPORT=0

While the KRB5SUPPORT option may be omitted, it is essential that NTLMv1SUPPORT=0, as Samba 4 defaults to NTLMv2 otherwise (unless specifically overridden in smb.conf).

[Paul Smedley]

Hi Lewis, assuming the above is in reference to use from Arcamapper and ntlmv1support is working correctly from the full Netdrive gui?

[Lewis Rosenthal]

Yes, exactly.

I have to fight with ArcaMapper to get to an NTLMv1 share every time, and that's the reason why.

[Lewis Rosenthal]

This is now working as expected in the latest ArcaMapper builds.