This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

LEM Backup fails - SMBv1

We recently tried configuring the backup functionality in a newly installed instance of LEM but couldn't get it to connect to the target network share, If you're have a similar problem, perhaps after disabling SMBv1 in the wake of Wannacry this is for you.

The following messages were displayed when we tried to run the backup:

protocol negotiation failed: NT_STATUS_INVALID_NETWORK_RESPONSE

Share credentials validated.

Backup configured to run daily.

Would you like to run the backup now? <y/N> y

Running backup, please wait...

20170718: Checking for other running processes

2017/07/18 14:52:34: Checking archive schedule with daily...

2017/07/18 14:52:34: Not checking schedule, assuming on-demand archive.

2017/07/18 14:52:34: unmounting old shares, in case any stale shares exist.

umount: /tmp/smb: not mounted

2017/07/18 14:52:34: mounting share //share/share with user USER on domain DOMAIN to mount point /tmp/smb

Trying ntlmsspi

Mount failed for //share/share as user USER ntlmsspi

Trying ntlmssp

Mount failed for //share/share as user USER ntlmssp

Trying ntlmv2

Mount failed for //share/share as user USER ntlmv2

Trying ntlm2

Mount failed for //share/share as user USER ntlm2

Trying ntlm

Mount failed for //share/share as user USER ntlm

Trying insecure communication

Mount failed for //share/share as user USER insecure communication

2017/07/18 14:52:35: Beginning dump of alertdb to /tmp/smb/SolarWindsLEMAlertDBArchive

2017/07/18 14:52:35: First I will do a touch test of SolarWindsLEMAlertDBArchive.test to see if I can create a file

2017/07/18 14:52:35: Starting archive to SolarWindsLEMAlertDBArchive

2017/07/18 14:52:46: done with archive. Result (if any): Success

2017/07/18 14:52:46: Cleaning Up.

umount: /tmp/smb: not mounted

2017/07/18 14:52:46: done!

We raised a case with Solarwinds support and the cause of the failure is that LEM can only use SMBv1 for backup, it doesn't support SMBv2 or 3. As we've disabled SMBv1 due to it's known security vulnerabilities we can't backup our LEM. SW support advise that a fix will be included in the next major release (possibly 6.4) but cannot give even an estimate as to timescales for a release date so we are unable to backup our LEM for the time being unless we choose to compromise security on our file storage system and the word on that is "no".

Given that SMBv1 has been known to be vulnerable for several years you might have thought LEM would by now support something more secure. Apparently not.