[Samba] autofs + cifs + kerberos

Sketch smblist at rednsx.org
Fri Sep 5 06:56:02 MDT 2014

I'm having an issue with autofs mounting cifs using kerberos, on machines 
joined to an S4 domain controller.  Both hosts and S4 server are CentOS 6, 
and the DC is running samba-4.1.11 from sernet.

Autofs is getting it's maps from LDAP from the DC.  This part works 
fine, automount -m shows:

Mount point: /share


   instance type(s): sss
   map: auto.share

   public | -fstype=cifs,sec=krb5,user=$USER,cruid=$UID ://fileserver/public

If a user attempts to access /share/public, it is mounted with their 
kerberos credentials...for a while.  But eventually it stops working, and 
I get errors like this in the log:

Sep  5 07:43:00 test kernel: CIFS VFS: Send error in SessSetup = -128
Sep  5 07:43:00 test kernel: CIFS VFS: cifs_mount failed w/return code = -128

A "service autofs restart" fixes it...for a while.  The funny thing is, 
it's not consistant.  Sometimes, the share will mount once, then if I 
manually unmount it and try to mount it again it fails.  Other times, I 
can successfully remount it repeatedly, and it will work for hours.

Any suggestions where to start looking?

More information about the samba mailing list