[Samba] Connectivity issues with Samba 3.0.24 on Aix 6.1

Chunduru, Krishnachaithanya Krishnachaithanya.Chunduru at broadridge.com
Sat May 27 13:07:51 UTC 2017 

Hi Andrew or All,

Below is the log for the client which is being denied. I have added the client's IP in the /etc/hosts.allow and the hosts allow in smb.conf file. Can someone go thru it and let me know what is the exact problem with this.

2017/05/26 17:02:37, 0] lib/util_sock.c:read_data(534)
  read_data: read failure for 4 bytes to client X.X.X.X. Error = Connection reset by peer
[2017/05/26 17:02:37, 3] smbd/process.c:timeout_processing(1334)
  timeout_processing: receive_smb error (Connection reset by peer) Exiting
[2017/05/26 17:02:37, 3] smbd/sec_ctx.c:set_sec_ctx(241)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/05/26 17:02:37, 3] smbd/connection.c:yield_connection(69)
  Yielding connection to
[2017/05/26 17:02:37, 3] smbd/server.c:exit_server_common(768)
  Server exit (normal exit)
[2017/05/26 17:24:04, 3] smbd/oplock.c:init_oplocks(863)
  init_oplocks: initializing messages.
[2017/05/26 17:24:04, 3] lib/access.c:check_access(312)
  check_access: no hostnames in host allow/deny list.
[2017/05/26 17:24:04, 2] lib/access.c:check_access(323)
  Allowed connection from  (X.X.X.X)
[2017/05/26 17:24:04, 3] smbd/process.c:process_smb(1068)
  Transaction 0 of length 159
[2017/05/26 17:24:04, 3] smbd/process.c:switch_message(926)
  switch message SMBnegprot (pid 14680176) conn 0x0
[2017/05/26 17:24:04, 3] smbd/sec_ctx.c:set_sec_ctx(241)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/05/26 17:24:04, 3] smbd/negprot.c:reply_negprot(505)
  Requested protocol [PC NETWORK PROGRAM 1.0]
[2017/05/26 17:24:04, 3] smbd/negprot.c:reply_negprot(505)
  Requested protocol [LANMAN1.0]
[2017/05/26 17:24:04, 3] smbd/negprot.c:reply_negprot(505)
  Requested protocol [Windows for Workgroups 3.1a]
[2017/05/26 17:24:04, 3] smbd/negprot.c:reply_negprot(505)
  Requested protocol [LM1.2X002]
[2017/05/26 17:24:04, 3] smbd/negprot.c:reply_negprot(505)
  Requested protocol [LANMAN2.1]
[2017/05/26 17:24:04, 3] smbd/negprot.c:reply_negprot(505)
  Requested protocol [NT LM 0.12]
[2017/05/26 17:24:04, 3] smbd/negprot.c:reply_negprot(505)
  Requested protocol [SMB 2.002]
[2017/05/26 17:24:04, 3] smbd/negprot.c:reply_negprot(505)
  Requested protocol [SMB 2.???]
[2017/05/26 17:24:04, 3] smbd/negprot.c:reply_nt1(351)
  not using SPNEGO
[2017/05/26 17:24:04, 3] smbd/negprot.c:reply_negprot(606)
  Selected protocol NT LM 0.12
[2017/05/26 17:24:19, 0] lib/util_sock.c:read_data(534)
  read_data: read failure for 4 bytes to client X.X.X.X. Error = Connection reset by peer
[2017/05/26 17:24:19, 3] smbd/process.c:timeout_processing(1334)
  timeout_processing: receive_smb error (Connection reset by peer) Exiting
[2017/05/26 17:24:19, 3] smbd/sec_ctx.c:set_sec_ctx(241)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/05/26 17:24:19, 3] smbd/connection.c:yield_connection(69)
  Yielding connection to
[2017/05/26 17:24:19, 3] smbd/server.c:exit_server_common(768)
  Server exit (normal exit)

Regards,
Krishna


-----Original Message-----
From: samba [mailto:samba-bounces at lists.samba.org] On Behalf Of Chunduru, Krishnachaithanya via samba
Sent: Friday, May 26, 2017 3:12 PM
To: Andrew Bartlett; samba at lists.samba.org
Subject: Re: [Samba] Connectivity issues with Samba 3.0.24 on Aix 6.1

Hi Andrew,

Thanks a lot for the prompt response.

This is the same initial setup being used from more than 3 years, no one of the users reported any issues until now as they were able to access the shares with their unix passwords.

The share is successfully being accessed from a particular subnet (10.77.*.*) alone with same settings, but not from any other subnets. And there is no firewall in between.

Regards,
Krishna

-----Original Message-----
From: Andrew Bartlett [mailto:abartlet at samba.org]
Sent: Friday, May 26, 2017 3:06 PM
To: Chunduru, Krishnachaithanya; samba at lists.samba.org<mailto:samba at lists.samba.org>
Subject: Re: [Samba] Connectivity issues with Samba 3.0.24 on Aix 6.1

On Fri, 2017-05-26 at 13:51 +0530, Chunduru, Krishnachaithanya via samba wrote:
> Hi All,
>
> I'm having Samba version 3.0.24 running on our Aix 6.1 servers.
>
> I have created a new samba share and given permission for a particular user and restricted access to only his group.
>
> We are able to access the share only from a particular subnet but not from all. I have added the desired subnet to allowed networks in global configuration, but still it's not allowing.
>
> Tried to change the registry entries in Windows side which didn't helped at all.

I would note that 'encrypt passwords = no' is pretty well unsupported client-side these days.  I don't know if this is your issue, but you should try setting a password with smbpasswd and removing this option.

> [cid:image001.png at 01D2D58A.BB84EE60]
> Below is the global and share configuration. Can someone please help me with the error.
>
> [global]
>         workgroup = XXXX
>         server string = XXXXXXX
>         encrypt passwords = no
>         passdb backend = tdbsam
>         log file = /var/log/samba/%m.log
>         log level = 2
>         max log size = 1000
>         preferred master = no
>         local master = no
>         domain master = no

I hope this helps,

Andrew Bartlett

--
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba


This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail and delete the message and any attachments from your system.
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba


This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail and delete the message and any attachments from your system.

More information about the samba mailing list