Linux CIFS NTLMSSP mount failing against win2k8

Shirish Pargaonkar shirishpargaonkar at gmail.com
Sat Apr 10 22:24:35 MDT 2010


On Sat, Apr 10, 2010 at 11:09 PM, Shirish Pargaonkar
<shirishpargaonkar at gmail.com> wrote:
> On Sat, Apr 10, 2010 at 5:17 PM, Jeff Layton <jlayton at samba.org> wrote:
>> I've been playing with NTLMSSP today in CIFS, and have run across a
>> problem. The Session Setup using Raw NTLMSSP succeeds, but then afterward
>> the tree connect fails with STATUS_ACCESS_DENIED. The odd thing is that
>> if authenticate as the same user using krb5, then it works fine.
>> smbclient does SPNEGO encapsulated NTLMSSP and the tree connect it does
>> works fine as well.
>>
>> Attached is a capture that shows two "mount attempts". The first one
>> fails (that the Linux CIFS one). The second succeeds -- that's the
>> Linux CIFS one.
>>
>> The code I'm using is slightly modified so that the tree connect is
>> closer to identical to what smbclient does. That doesn't get around the
>> problem though. I assume that there must be something wrong with the
>> session setup, but since it succeeds it seems like it ought to work...
>>
>> Does anyone have any clue as to what the problem is? Or does anyone
>> know how to make win2k8 tell me why it's refusing the tree connect? The
>> event viewer seems to be pretty useless for this, but maybe I'm just
>> not looking in the right place?
>>
>> --
>> Jeff Layton <jlayton at samba.org>
>>
>
> Jeff,
>
> You can see if this code change,
>  cifs_MD5_update(&context, (char *)&key->data, 16);
> insetead of
>  cifs_MD5_update(&context, (char *)&key->data, key->len);
> in function cifs_calculate_signature() works.
>
> Regards,
>
> Shiris
>

I could not go as far as you have gone with cifs (and smb2) against
Windows 7 and Windows 2008 server.
For me even session setup was/is not working.    I found event log on
Windwos box to be useful.
I keep getting this error for both cifs and smb2 logins against both
Windows7 and Windows 2008 Server.

> Logon Type:   3
> Account For Which Logon Failed:
>  Security ID:  NULL SID
>  Account Name:  root
>  Account Domain:
> Failure Information:
>  Failure Reason:  An Error occured during Logon.
>  Status:   0xc0000225
>  Sub Status:  0x0
> Process Information:
>  Caller Process ID: 0x0
>  Caller Process Name: -
> Network Information:
>  Workstation Name:
>  Source Network Address: 1.2.345.678
>  Source Port:  59215
> Detailed Authentication Information:
>  Logon Process:
>  Authentication Package: NTLM
>  Transited Services: -
>  Package Name (NTLM only): -
>  Key Length:  0


More information about the samba-technical mailing list