[Samba] Unable to contact active directory or verify claim types
Rowland Penny
rpenny at samba.org
Wed Jul 25 07:37:14 UTC 2018
On Tue, 24 Jul 2018 22:59:42 -0400
Gaeseric Vandal via samba <samba at lists.samba.org> wrote:
> I set "server min protocol = SMB2" and "server max protocol = SMB2" .
>
>
> Which then resulted in the Win 2012 R2 server being unable to access
> the Samba server as \\weirdserver <file://weirdserver> . But I can
> access via \\weirdserver.mydomain.com
> <file://weirdserver.mydomain.com> or \\ipaddres <file://ipaddres> .
>
>
>
>
>
> Logs on samba server for that client shows "bad SMB2 signing."
>
>
>
>
>
> [2018/07/24 22:34:19.865792, 3]
> ../source3/smbd/smb2_server.c:3139(smbd_smb2_request_error_ex)
>
> smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1]
> status[NT_STATUS_ACCESS_DENIED] ||
> at ../source3/smbd/smb2_server.c:2447
>
> [2018/07/24 22:34:19.867152,
> 3] ../lib/util/access.c:365(allow_access)
>
> Allowed connection from 192.168.x.x. (192.168.x.x)
>
> [2018/07/24 22:34:19.867325, 3]
> ../source3/smbd/service.c:595(make_connection_snum)
>
> Connect path is 'xxxxfor service [users]
>
> [2018/07/24 22:34:19.867420,
> 3] ../source3/smbd/vfs.c:113(vfs_init_default)
>
> Initialising default vfs hooks
>
> [2018/07/24 22:34:19.867502,
> 3] ../source3/smbd/vfs.c:139(vfs_init_custom)
>
> Initialising custom vfs hooks from [/[Default VFS]/]
>
> [2018/07/24 22:34:19.867556,
> 3] ../source3/smbd/vfs.c:139(vfs_init_custom)
>
> Initialising custom vfs hooks from [zfsacl]
>
> [2018/07/24 22:34:19.867918, 2]
> ../source3/smbd/service.c:841(make_connection_snum)
>
> 192.168.3.225 (ipv4:192.168.3.225:60275) connect to service users
> initially as user MYDOMAIN\someuser (uid=xxxx, gid=xxx) (pid 6264)
>
> [2018/07/24 22:34:19.868642, 0]
> ../libcli/smb/smb2_signing.c:171(smb2_signing_check_pdu)
>
> Bad SMB2 signature for message
>
> [2018/07/24 22:34:19.868723, 0] ../lib/util/util.c:515(dump_data)
>
> [0000] F7 44 6E EC BE 8F A2 B3 5F 45 D0 82 44 7E 3C D1 -Dn-.--
> _E-.D~<-
>
> [2018/07/24 22:34:19.868795, 0] ../lib/util/util.c:515(dump_data)
>
> [0000] 67 29 61 2A 76 DD D8 8E 91 9C 03 D2 E6 A2 51 0F g)a*v--.
> ...--Q.
>
> [2018/07/24 22:34:19.868862, 3]
> ../source3/smbd/smb2_server.c:3139(smbd_smb2_request_error_ex)
>
> smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1]
> status[NT_STATUS_ACCESS_DENIED] ||
> at ../source3/smbd/smb2_server.c:2447
>
> Reenableing "server max protocol = SMB3" didn't help - tho I presume
> this is because the Win 2012 R2 server didn't try to connect with
> SMB3. I would probably have to reboot but that isn't an option at
> the moment.
>
> Appreciate any feedback.
You seem to told us everything except the vital thing, what is in your
smb.conf ?
Rowland
More information about the samba
mailing list