[Samba] CIFS proxy

Maximiliano Bertacchini maxiberta at gmail.com
Tue Jul 26 16:34:14 MDT 2011

On 22/07/11 20:40, Andrew Bartlett wrote:
> On Fri, 2011-07-22 at 12:30 -0300, Maximiliano Bertacchini wrote:
>> Hi. We managed to get samba 4 cifs proxy working with s4u2proxy auth in
>> an AD environment. The problem is it won't let clients neither write
>> files larger than 16441 bytes nor read files larger than 65536 bytes.
>> For example, writing a 16641 byte file works ok, but writing a 16642
>> byte (or larger) file fails:
> My guess is that we are failing to clamp the maximum packet size when
> doing SMB signing.  It seems Microsoft only signs the first 16641 (or
> so) bytes of the packet, and not the 'extra large' packets that Samba
> can support.
> If SMB signing is disabled (or perhaps enabled on both ends?) then this
> should work, and confirm my theory.
> Andrew Bartlett
You're right. Turning off signing at the windows 2003 server did the 
trick. It looks like it is now possible to write "large" files 
correctly. Though I'm still not sure whether turning off smb signing is 
secure enough. But we are still unable to read files larger than 64k 
with smbclient.

We're also getting a "cli_list_new: unable to parse name from info level 
260" when connecting with smbclient to the samba4 cifs proxy and doing 
ls on a directory with hundreds of files. ls is ok in smaller directories.



More information about the samba-technical mailing list