[Samba] 转发: 转发: 答复: ??????: Is the "\\x.x.x.x" type tree connect request a client related feature?

Chenyehua chen.yehua at h3c.com
Thu Feb 9 02:21:18 UTC 2017

Well, I have changed the line "map to guest = bad password" to "map to guest = bad user"
However the problem still exists:
1) I can pass the authentication and see the shared folder, but when I try to open the folder , it fails with a windows error message like "cannot find the route to the network". It may recover to normal later (means I can open that folder)
2) I have collected the wireshark record and find that windows 7 keeps sending unacceptable format("\\server", lack "\share") tree connect request until it recovers to normal:
  > Tree connect request Tree\\aaa.bb.com\IPC$
  >  Tree connect response : SUCCESS
  > Tree connect request Tree \\aaa.bb.com
  >  Tree connect response : NT_STATUS_BAD_NETWORK_NAME
  > Tree connect request Tree \\aaa.bb.com
     Tree connect response : NT_STATUS_BAD_NETWORK_NAME
3) Louis once mentioned that it may due to the check after applying the MS "bad lock" patch. I am confused about this and doubt why windows 7 will send the unacceptable "\\server" format tree connect request to check.
4) The "\\server" format tree connect request may not meet the smb2 protocol request:(lack "\share")
  "The SMB2 TREE_CONNECT Request MUST be initialized as follows:
   The target share path, including server name, in the format "\\server\share", is copied into the Buffer field of the request. PathOffset and PathLength MUST be set to describe the location and length of the target share path in the request."
  --- extracted from "[MS-SMB2]:Server Message Block (SMB) Protocol Versions 2 and 3"
  Is this reasonable?

发件人: samba [mailto:samba-bounces at lists.samba.org] 代表 Rowland Penny via samba
发送时间: 2017年2月8日 21:23
收件人: samba at lists.samba.org
主题: Re: [Samba] 转发: 答复: ??????: Is the "\\x.x.x.x" type tree connect request a client related feature?

On Wed, 8 Feb 2017 12:10:00 +0000
Chenyehua via samba <samba at lists.samba.org> wrote:

> Thanks for your response, Rowland.
> Sorry for the late reply.
> Here is my smb.conf:
> [global]
>    workgroup = grouptest1
>    server string = %h server (Samba NAS)
>    dns proxy = no
>    log file = /var/log/samba/log.%m
>    max log size = 10000
>    syslog = 0
>    panic action = /usr/share/samba/panic-action %d
>    server role = standalone server
>    obey pam restrictions = yes
>    unix password sync = yes
>    passwd program = /usr/bin/passwd %u
>    passwd chat = *Enter\snew\s*\spassword:* %n\n
> *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
>    pam password change = yes
>    map to guest = bad password
>    usershare allow guests = yes
>    max protocol = SMB3
>    large readwrite = yes
>    use sendfile = yes
>    aio read size = 1024
>    oplocks = no
>    deadtime = 10
>    aio write behind = true
>    load printers = no
>    clustering = yes
>    idmap config *:backend = tdb2
>    store dos attributes = yes
>    vfs objects = acl_xattr
>    idmap config *:range = 1000000-1999999
>    acl_xattr:ignore system acls = yes
>    socket options = TCP_NODELAY SO_RCVBUF=131072 SO_SNDBUF=131072
>    netbios name = netaaa1
>    ctdbd socket = /var/run/ctdb/ctdbd.socket
>    log level = 2
>    security = user

Ok, this is a standalone server, so I suggest you remove these lines:

   idmap config *:backend = tdb2
   idmap config *:range = 1000000-1999999
   socket options = TCP_NODELAY SO_RCVBUF=131072 SO_SNDBUF=131072

But I think your problem is being caused by this line (and possibly fat

    map to guest = bad password

If you read 'man smb.conf' you will find this:

           ·   Bad Password - Means user logins with an invalid password are
               treated as a guest login and mapped into the guest account.
               Note that this can cause problems as it means that any user
               incorrectly typing their password will be silently logged on as
               "guest" - and will not know the reason they cannot access files
               they think they should - there will have been no message given
               to them that they got their password wrong. Helpdesk services
               will hate you if you set the map to guest parameter this way

This means if the users windows password isn't the same as the one on the Samba server, they will get logged in, but as the 'Guest' user.


To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
This e-mail and its attachments contain confidential information from H3C, which is
intended only for the person or entity whose address is listed above. Any use of the
information contained herein in any way (including, but not limited to, total or partial
disclosure, reproduction, or dissemination) by persons other than the intended
recipient(s) is prohibited. If you receive this e-mail in error, please notify the sender
by phone or email immediately and delete it!

More information about the samba mailing list