[Samba] CIFS proxy
Maximiliano Bertacchini
maxiberta at gmail.com
Tue Jul 26 16:34:14 MDT 2011
On 22/07/11 20:40, Andrew Bartlett wrote:
> On Fri, 2011-07-22 at 12:30 -0300, Maximiliano Bertacchini wrote:
>> Hi. We managed to get samba 4 cifs proxy working with s4u2proxy auth in
>> an AD environment. The problem is it won't let clients neither write
>> files larger than 16441 bytes nor read files larger than 65536 bytes.
>> For example, writing a 16641 byte file works ok, but writing a 16642
>> byte (or larger) file fails:
> My guess is that we are failing to clamp the maximum packet size when
> doing SMB signing. It seems Microsoft only signs the first 16641 (or
> so) bytes of the packet, and not the 'extra large' packets that Samba
> can support.
>
> If SMB signing is disabled (or perhaps enabled on both ends?) then this
> should work, and confirm my theory.
>
> Andrew Bartlett
>
You're right. Turning off signing at the windows 2003 server did the
trick. It looks like it is now possible to write "large" files
correctly. Though I'm still not sure whether turning off smb signing is
secure enough. But we are still unable to read files larger than 64k
with smbclient.
We're also getting a "cli_list_new: unable to parse name from info level
260" when connecting with smbclient to the samba4 cifs proxy and doing
ls on a directory with hundreds of files. ls is ok in smaller directories.
Regards,
Max
More information about the samba-technical
mailing list