[Samba] Nonfunctional linux/CIFS mounts after update (ADS / windows DC auth)
Glomski, Patrick
patrick.glomski at corvidtec.com
Tue Apr 26 21:08:48 UTC 2016
Failure for me is always:
SMB PACKET: SMBsesssetupX (REPLY)
> SMB Command = 0x73
> Error class = 0x6D
> Error code = 49152 (0xc000)
> Flags1 = 0x80
> Flags2 = 0x3
> Tree ID = 0 (0x0)
> Proc ID = 12056 (0x2f18)
> UID = 29165 (0x71ed)
> MID = 3 (0x3)
> Word Count = 0 (0x0)
> NTError = STATUS_LOGON_FAILURE
> smb_bcc=0
>
Credentials are correct; it works through nautilus' smb://...
Let me know what else would help to diagnose. I can also privately share
verbose samba or other logs.
Thanks,
Patrick
On Tue, Apr 26, 2016 at 3:59 PM, Jeremy Allison <jra at samba.org> wrote:
> On Tue, Apr 26, 2016 at 12:06:39PM -0400, Glomski, Patrick wrote:
> > Greetings,
> >
> > We use samba to share files to windows and linux machines and are in the
> > same boat as several others recently posting to the list. When badlock
> > patches came out, we updated our CentOS7 samba server (everything from
> > samba to sssd to krb5 to nss was updated) and immediately had problems
> with
> > both client types not connecting to the windows shares.
> >
> > Windows machine connections were solved by using the realm
> > (workgroup.com\username)
> > to log in instead of the workgroup (workgroup\username). Although it's
> not
> > clear to me as to why I need '.com' to authenticate all of a sudden, it
> > functions and isn't a critical concern for this production server.
> >
> > Linux machines were mounting via 'mount -t cifs -o
> > user=workgroup/username'. This mount no longer functions and it appears
> > (setting server log level to 10) that the authentication on the server is
> > failing where it used to succeed. 'smbclient' also fails.
>
> Get a wireshark trace and post what error is returned please.
>
More information about the samba
mailing list