work in progress as I doodle thoughts..
does no one here search for answers???
answered here many times…
click the start button and type secpol.msc in the search function.
Browse to “Local Policies” -> “Security Options”. Now look for the entry “Network Security: LAN Manager authentication level” and open it. Click on the dropdown menu and select “Send LM & NTLM – use NTLMv2 session security if negotiated”. Apply the settings.
In the Advanced sharing settings page of Network and sharing center, you need to have it set as Work/Home profile. Try
-Enable network discovery
-Turn on file and print sharing
-Turn off password protected sharing
-Use user accounts and passwords to connect to other computers
The other settings such as encryption I have set as use 128 bit encryption.
Please check related policies.
1. Enter “gpedit.msc” in the Start Search box.
2. Open “Computer Configuration”/Windows Settings/Security Settings/Local Policies/Security Settings.
3. In the right pane, enable the following policies:
Network access: Allow anonymous SID/name translation
Network access: Let Everyone permissions apply to anonymous users
Also please disable the following policies.
Network access: Restrict anonymous access to Named Pipes and Shares
Network access: Do not allow anonymous enumeration of SAM accounts
Network access: Do not allow anonymous enumeration of SAM accounts and shares
First of all it puzzles me a bit too that you say you cannot reach the web interface (HTTP) of the NAS via the browser.
But regarding SMB shares this might be related to some Windows 7 settings in combination to older SAMBA versions (don’t know which version is run by your Qnap NAS).
First of all you should open the
Network and Sharing Center of Windows 7. Then make sure your network is listed to be a “Home network” – and not a “Work network or “Public network”.
If this is correctly set and it still does not work you might have to check your network policies. On Windows 7 Pro just launch
Local Security Policy from your start menu and check the following values:
- Local Policies -> Security Options -> Microsoft network client: Digitally sign communication (always)
- This should be set to disabled as most Samba servers in NAS devices to not work with signed communication.
- Local Policies -> Security Options -> Microsoft network client: Digitally sign communications (if server agrees)
- This can be set to “Enabled” as Widnows will still fall back to unsigned communication if the server does not support it.
- Local Policies -> Security Options -> Microsoft network client: Send unencrypted password to third-party SMB servers
- In general this option shall be set to “Disabled”. However some pretty old Samba versions used in older NAS devices do require the password to be sent in plain for authentication. So if you still cannot access the NAS shares you might try setting this policy to “Enabled”. Do only enable this if your NAS really does not support encrypted passwords or for testing purposes. It can and it will expose your password to network intruders.