[Samba] Workstation Limited to NT1 Protocol

Bill Baird bill.baird at phoenixmi.com
Tue Apr 19 19:11:08 UTC 2016 

That does indeed show "default".

For logs, I tested with my system and a system that gets SMB2.  Any tips
for what I might be looking for?

Early on in the logs, I see this for the NT1 system (no mentions of smb2
anywhere)

[2016/04/19 14:48:37.738460,  3, pid=21479, effective(0, 0), real(0, 0)]
../source3/smbd/negprot.c:395(reply_nt1)
  using SPNEGO
[2016/04/19 14:48:37.738476,  3, pid=21479, effective(0, 0), real(0, 0)]
../source3/smbd/negprot.c:684(reply_negprot)
  Selected protocol NT LM 0.12
[2016/04/19 14:48:37.738488,  5, pid=21479, effective(0, 0), real(0, 0)]
../source3/smbd/negprot.c:691(reply_negprot)
  negprot index=5

For the system that gets SMB2, I see:

[2016/04/19 15:04:46.352217, 10, pid=21600, effective(0, 0), real(0, 0)]
../source3/smbd/smb2_server.c:3068(smbd_smb2_first_negprot)
  smbd_smb2_first_negprot: packet length 102
[2016/04/19 15:04:46.352249, 10, pid=21600, effective(0, 0), real(0, 0)]
../source3/smbd/smb2_server.c:646(smb2_validate_sequence_number)
  smb2_validate_sequence_number: clearing id 0 (position 0) from bitmap
[2016/04/19 15:04:46.352269, 10, pid=21600, effective(0, 0), real(0, 0)]
../source3/smbd/smb2_server.c:1954(smbd_smb2_request_dispatch)
  smbd_smb2_request_dispatch: opcode[SMB2_OP_NEGPROT] mid = 0
[2016/04/19 15:04:46.352285,  4, pid=21600, effective(0, 0), real(0, 0)]
../source3/smbd/sec_ctx.c:316(set_sec_ctx)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2016/04/19 15:04:46.352302,  5, pid=21600, effective(0, 0), real(0, 0)]
../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2016/04/19 15:04:46.352318,  5, pid=21600, effective(0, 0), real(0, 0)]
../source3/auth/token_util.c:639(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2016/04/19 15:04:46.352343,  5, pid=21600, effective(0, 0), real(0, 0)]
../source3/smbd/uid.c:425(smbd_change_to_root_user)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2016/04/19 15:04:46.352381, 10, pid=21600, effective(0, 0), real(0, 0)]
../source3/lib/util.c:1291(set_remote_arch)
  set_remote_arch: Client arch is 'Vista'
[2016/04/19 15:04:46.352420,  6, pid=21600, effective(0, 0), real(0, 0)]
../source3/param/loadparm.c:2151(lp_file_list_changed)
  lp_file_list_changed()
  file /etc/samba/smb.conf.client-%I ->
/etc/samba/smb.conf.client-10.88.5.102  last mod_time: Tue Apr 19 14:44:42
2016

  file /etc/samba/smb.conf -> /etc/samba/smb.conf  last mod_time: Tue Apr
19 14:45:15 2016

[2016/04/19 15:04:46.352463,  3, pid=21600, effective(0, 0), real(0, 0)]
../source3/smbd/smb2_negprot.c:213(smbd_smb2_request_process_negprot)
  Selected protocol SMB2_FF




On Tue, Apr 19, 2016 at 3:01 PM, lingpanda101 at gmail.com <
lingpanda101 at gmail.com> wrote:

> On 4/19/2016 2:51 PM, Bill Baird wrote:
>
> *testparm -v | grep "client min protocol"*
> client min protocol = CORE
>
> On Tue, Apr 19, 2016 at 2:50 PM, <lingpanda101 at gmail.com>
> lingpanda101 at gmail.com <lingpanda101 at gmail.com> wrote:
>
>> On 4/19/2016 2:43 PM, Bill Baird wrote:
>>
>> I am accessing the new member server. All my other servers are still on
>> 3.6.x.
>>
>> Both settings are set to "default".
>>
>> Will look at logs now.
>>
>> Thanks!
>>
>>
>>
>> On Tue, Apr 19, 2016 at 2:39 PM, lingpanda101 at gmail.com <
>> lingpanda101 at gmail.com> wrote:
>>
>>> On 4/19/2016 2:08 PM, Bill Baird wrote:
>>>
>>>> Hi All,
>>>>
>>>> I just setup a new server and added it to my domain last week and it has
>>>> been working well. We are running a NT4-style Samba PDC for our domain
>>>> controller. This server is running the CentOS packages for Samba
>>>> 4.2.10-6
>>>> as a domain member. My issue is that I have one Windows 7 workstation
>>>> that
>>>> will only auto-negotiate to the NT1 protocol. If I run smbstatus, all
>>>> of my
>>>> other workstations use SMB2_10, as expected.
>>>>
>>>> Has anyone seen this before? Is there a log file I can look at to
>>>> determine
>>>> what is going wrong in the protocol negotiation?
>>>>
>>>> Thanks!
>>>>
>>>> --Bill
>>>>
>>> You can enable client specific logging and see if it turns up anything.
>>>
>>> https://wiki.samba.org/index.php/Client_specific_logging
>>>
>>> Access a share and review the logs.
>>>
>>> Is this Windows 7 workstation accessing the new member server and
>>> displaying NT1 or the old one?
>>>
>>> Can you run on both member servers and report?
>>>
>>> testparm -v |grep "client ipc max protocol" and testparm -v |grep
>>> "client ipc min protocol"
>>>
>>> --
>>> -James
>>>
>>>
>>> --
>>> To unsubscribe from this list go to the following URL and read the
>>> instructions:  <https://lists.samba.org/mailman/options/samba>
>>> https://lists.samba.org/mailman/options/samba
>>>
>>
>>
>>
>> --
>> *Bill Baird*
>> Chief Technology Officer
>> Office: 845-876-8228 x311
>> Mobile: 203-545-0437
>> www.phoenixmi.com
>>
>> The man page for smb.conf reads for "client ipc min protocol"
>>
>> The value default refers to the higher value of NT1 and the
>>            effective value of client min protocol.
>>
>> What does testparm -v | grep "client min protocol" give?
>>
>> --
>> -James
>>
>>
>
>
> --
> *Bill Baird*
> Chief Technology Officer
> Office: 845-876-8228 x311
> Mobile: 203-545-0437
> www.phoenixmi.com
>
> What does testparm -v | grep "client max protocol" give? it should be
> 'default' which is SMB3_11. You can always force SMB2_10
>
> --
> -James
>
>


-- 
*Bill Baird*
Chief Technology Officer
Office: 845-876-8228 x311
Mobile: 203-545-0437
www.phoenixmi.com

More information about the samba mailing list