[Samba] win 7 client can't map drive: getpeername failed
Gaiseric Vandal
gaiseric.vandal at gmail.com
Mon May 13 08:59:45 MDT 2013
That suggests either a configuration difference with some of the win 7
machines or a difference with some of the AD accounts for the machines.
On the NAS, does the "getent passwd" command display user and machine
accounts? Is it may be showing only some machine accounts and not
others? It might be possible that samba has been unable to account an
idmap entry for newer machines. All though I would think this would
affect authentication issues, not connection issues. I have found
idmapping to be one of the less reliable functions in samba.
Are all the Win 7 machines configured with identical network settings
(apart from the IP address itself of course.) this should be the case if
you use DHCP.
Are their any security settings on the problem Win 7 machines that are
different? If you use gpedit.msc -> computer -> security settings ,
you may want to review things like NTLMv2 settings. Are all the
machine accounts in the same AD container ?
If this is all AD, then you should not need to use WINS. Although it may
also help resolve confusion about which machine is the local master
browser. Which shouldn't really matter either. I use samba 3.x as a
non-AD PDC so the WINS and browser stuff is more important.
Is the Microsoft server is the AD PDC it may expect to be the local
master browser. I think there can only be one local master browser per
subnet. And if you look thru the nmbd logs (?) on the NAS as well as
the logs on the Win 2008 server . you may see results of a browser
election.
the "testparm -v" will show you all the config settings, including those
set by default even if not explicitly set in smb.conf
On 05/13/13 08:44, Ed Strong wrote:
> Hi,
>
> all XP clients work fine. As do most win 7 clients. Just a handful of
> win7 clients have this issue.
>
> We only have one Microsoft server: 2008 R2, it does not have the WINS
> server feature installed.
> The qnap box is called saturn and is a member of the domain
> telnet saturn 139
> results in blank screen, blinking cursor so port open I guess.
> NAS uses our Microsoft server for it's DNS and registers itself in DNS
> Also on the NAS I have:
> Enable WINS server NOT checked
> Local master browser checked
> Allow only NTLMv2 authentication NOT checked
> DNS has a reverse lookup zone with a PTR record for client
>
>
> This is my foray into samba so I'm not familiar with the config file
> structure but here is the global
> section:
>
> [global]
> log level = 3
> passdb backend = smbpasswd
> workgroup = OUR_DOMAIN
> security = ADS
> server string =
> encrypt passwords = Yes
> username level = 0
> map to guest = Bad User
> null passwords = yes
> max log size = 50
> socket options = TCP_NODELAY SO_KEEPALIVE SO_SNDBUF=262144
> SO_RCVBUF=131072
> os level = 20
> preferred master = no
> dns proxy = No
> smb passwd file=/etc/config/smbpasswd
> username map = /etc/config/smbusers
> guest account = guest
> directory mask = 0777
> create mask = 0777
> oplocks = yes
> locking = yes
> disable spoolss = yes
> load printers = no
> display charset = UTF8
> force directory security mode = 0000
> veto files = /.AppleDB/.AppleDouble/.AppleDesktop/:2eDS_Store/Network
> Trash Folder/Temporary
> Items/TheVolumeSettingsFolder/. at __thumb/. at __desc/:2e*/
> delete veto files = yes
> map archive = no
> map system = no
> map hidden = no
> map read only = no
> deadtime = 10
> use sendfile = yes
> unix extensions = no
> store dos attributes = yes
> client ntlmv2 auth = yes
> dos filetime resolution = no
> inherit acls = yes
> wide links = yes
> force unknown acl user = yes
> template homedir = /share/homes/DOMAIN=%D/%U
> domain logons = no
> min receivefile size = 4096
> case sensitive = auto
> domain master = auto
> local master = yes
> enhance acl v1 = yes
> remove everyone = yes
> kernel oplocks = no
> mangled names = no
> realm = OUR_DOMAIN.local
> password server = SERVER.OUR_DOMAIN.local
> pam password change = yes
> winbind separator = +
> winbind enum users = yes
> winbind enum groups = yes
> winbind cache time = 3600
> idmap uid = 400001-500000
> idmap gid = 400001-500000
> idmap config OUR_DOMAIN : backend = rid
> idmap config OUR_DOMAIN : range = 10000001-20000000
> wins support = no
> name resolve order = host bcast
>
>
>
> On 10 May 2013 16:19, Gaiseric Vandal <gaiseric.vandal at gmail.com
> <mailto:gaiseric.vandal at gmail.com>> wrote:
>
> Are XP clients having the same problem? Trying with an XP
> client would help indicate if there was something specific to XP.
> (I skipped vista.)
>
>
> Can you check in smb.conf
> - is the server a member server, AD member server, standalone
> server, or domain controller.
> - Are ports explicitly defined
> - how is name resolution configured?
> - is NTLMv2 required (I couldn't get NTLMv2 support working.)
>
>
> Domain membership shouldn't matter at this point since you aren't
> even getting to the authentication phase.
>
> Can you telnet port 139 to make sure it is open?
>
>
> Do you have a WINS server defined? If so make sure client and
> NAS are using the same WINS server. Is your NAS configured to
> use a DNS server? Do you have a reverse lookup zone defined in
> DNS? the NAS maybe trying to do a reverse lookup on the IP of
> the client. There doesn't need to be a PTR entry for the client
> but you are least want the zone. If DNS tries to lookup an IP
> and gets an immediate "host not found" that is OK. If it times
> out because it can't even locate a DNS server then that could
> cause problems for other services dependent on DNS.
>
>
>
>
>
>
>
>
>
>
>
>
> On 05/10/13 10:58, Ed Strong wrote:
>
> Hi,
>
> Thanks for the info, I'm replying to you in gmail to
> samba at lists.samba.org <mailto:samba at lists.samba.org>,
> hope that is correct ?
>
> Yes I can edit the config file on the NAS
>
> Looking at the network packets all communication to NAS seems
> to be on port
> microsoft-ds (445)
> I can't see any traffic on ports 137/138/139
>
> If i use the IP I get exactly the same error :(
>
>
> On 10 May 2013 15:01, Gaiseric Vandal
> <gaiseric.vandal at gmail.com <mailto:gaiseric.vandal at gmail.com>>
> wrote:
>
> I think the "Error was Transport endpoint is not
> connected" warnings are
> sometimes misleading. Do you have any control over the
> samba config
> (smb.conf) on the NAS ? On regular samba installs,
> changing the default
> port settings can cause more problems.
>
> Windows 7 will try to connect on port 445 (SMB or CIFS
> over tcp/ip), and
> will then reconnect to ports 137/138/139 (SMB over netbios
> over tcp/ip)
> since samba 3.x doesn't handle the newer SMB-over-tcp/ip.
> Disabling
> 445 on the server seems to cause more problems than it solves.
>
>
> Are you able to connect via IP ? e.g net use
> \\qnap_ip\share ?
>
> I had problems in the past when I disabled port 445 on
> samba servers.
> Remote users (no netbios broadcasts permitted) could
> connect via IP but
> not via name. For the name only connections, packet
> monitoring would
> show packets getting thru the the server but the exchange
> between client
> and server not being completed. For clients connecting
> via IP, the client
> would send packets to server, server respond, and then
> clients responded.
>
>
>
>
>
>
>
>
>
>
>
> On 05/07/13 03:53, Ed Strong wrote:
>
> Hi,
>
> I'm re-posting this (with some more info) as I don't
> think the original
> got
> through as I wasn't
> signed up to the samba list.
>
> this is my first foray in samba (and newsgroups) so go
> easy :)
> I've started reading the o'reilly samba book but
> finding it hard going.
>
> Anyway I'm trying to map a network drive from a
> windows 7 pro client to a
> QNAP NAS with the command:
> net use s: \\qnap\share
>
> I've posted on several forums and got good advice but
> the problem remains.
> Rather than repost all the detail, please see my
> original posts:
>
> http://forum.qnap.com/**viewtopic.php?f=185&t=74639<http://forum.qnap.com/viewtopic.php?f=185&t=74639>
> http://social.technet.**microsoft.com/Forums/en-US/**
> <http://microsoft.com/Forums/en-US/**>
> winservergen/thread/11d35b0c-**ac95-489f-b5d1-0486b9774603<http://social.technet.microsoft.com/Forums/en-US/winservergen/thread/11d35b0c-ac95-489f-b5d1-0486b9774603>
> http://www.edugeek.net/forums/**windows-7/112309-map-network-**
> drive-nas-but-get-error-64-58-**a.html<http://www.edugeek.net/forums/windows-7/112309-map-network-drive-nas-but-get-error-64-58-a.html>
>
>
>
> I've managed to ssh onto the QNAP via putty and found
> this in the logs
> (getpeername failed)
>
> [/var/log] # pwd
> /var/log
> [/var/log] # tail -f log.smbd
> [2013/05/01 09:36:17.135999, 0]
> lib/util_sock.c:474(read_fd_
> with_timeout)
> [2013/05/01 09:36:17.136096, 0]
> lib/util_sock.c:1440(get_peer_**addr_internal)
>
> getpeername failed. Error was Transport endpoint
> is not connected
> read_fd_with_timeout: client 0.0.0.0 read error =
> Connection reset by
> peer.
> [2013/05/01 09:36:17.137700, 1]
> smbd/server.c:299(remove_**child_pid)
>
> Scheduled cleanup of brl and lock database after
> unclean shutdown
> [2013/05/01 09:36:17.178522, 1]
> smbd/service.c:1073(make_**
>
> connection_snum)
> 172.24.120.139 (172.24.120.139) connect to service
> Staff initially as
> user DOMAIN+admin (uid=10001423, gid=10000514) (pid
>
> 25771)
> [2013/05/01 09:36:17.179093, 0]
> lib/util_sock.c:474(read_fd_**
>
> with_timeout)
> [2013/05/01 09:36:17.179173, 0]
> lib/util_sock.c:1440(get_peer_**addr_internal)
>
> getpeername failed. Error was Transport endpoint
> is not connected
> read_fd_with_timeout: client 0.0.0.0 read error =
> Connection reset by
> peer.
> [2013/05/01 09:36:17.179289, 1]
> smbd/service.c:1254(close_**cnum)
>
> 172.24.120.139 (172.24.120.139) closed connection
> to service Staff
> [2013/05/01 09:36:37.142714, 1]
> smbd/server.c:272(cleanup_**timeout_fn)
>
> Cleaning up brl and lock database after unclean
> shutdown
>
>
> The QNAP's samba version appears to be 3.5.2:
>
> [/var/log] # ps -ef | grep smb
> 4016 admin 3104 S
> /usr/local/samba/sbin/winbindd -s
> /etc/config/smb.conf
> 4017 admin 3728 S
> /usr/local/samba/sbin/winbindd -s
> /etc/config/smb.conf
> 4366 admin 1840 S
> /usr/local/samba/sbin/winbindd -s
> /etc/config/smb.conf
> 4877 admin 3300 S
> /usr/local/samba/sbin/winbindd -s
> /etc/config/smb.conf
> 4902 admin 3952 S
> /usr/local/samba/sbin/winbindd -s
> /etc/config/smb.conf
> 4978 admin 4132 S /usr/local/samba/sbin/smbd
> -l /var/log -D -s
> /etc/config/smb.conf
> 4979 admin 3356 S
> /usr/local/samba/sbin/winbindd -s
> /etc/config/smb.conf
> 4980 admin 1224 S
> /usr/local/samba/sbin/winbindd -s
> /etc/config/smb.conf
> 4995 admin 1016 S /usr/local/samba/sbin/smbd
> -l /var/log -D -s
> /etc/config/smb.conf
> 5063 admin 2068 S
> /usr/local/samba/sbin/winbindd -s
> /etc/config/smb.conf
> 9509 admin 1664 S /usr/local/samba/sbin/nmbd
> -l /var/log -D -s
> /etc/config/smb.conf
> 25540 admin 544 S grep smb
> [/var/log] # /usr/local/samba/sbin/smbd -V
> Version 3.5.2
>
>
> I've also installed MS network monitor on two clients
> and did a capture
> whilst running the command
> net use s:\ \\saturn\staff
>
> I've posted three screenshots here:
>
> https://plus.google.com/**photos/108734482620454690509/**
> albums/5875135861918839393?**authkey=CJ3lwKu2xJqMyQE<https://plus.google.com/photos/108734482620454690509/albums/5875135861918839393?authkey=CJ3lwKu2xJqMyQE>
>
>
>
> Basically, Worked.png shows the SMB frames on a PC
> where the net use
> command worked
> and Failed.png shows the SMB frames on a PC where the
> net use command did
> not work
>
> It looks to me like the first 6 SMB frames are
> identical. Then things
> start
> to change
>
> On the working client we continue with frame 10113
> which is a
> Dfsc: Get DFS Referral Request
>
> but the failing client continues with some TCP frames (see
> tcp-frames154-157.png) 154 to 157
> before it seems to start the negotiation again at
> frame 158
>
> Not sure how to troubleshoot this further so any
> advice welcome.
>
> Thanks
> Ed
>
> PS I initially tried to post this on google group
> linux.samba but was
> rejected by the
> moderation robot which said "Please submit your
> message to the mailing
> list
> address".
> I did this with attached png's but failed due to file
> size so hopefully
> 3rd
> time lucky!
>
> --
> To unsubscribe from this list go to the following URL and
> read the
> instructions:
> https://lists.samba.org/**mailman/options/samba<https://lists.samba.org/mailman/options/samba>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list