[Samba] mount.cifs STATUS_NO_LOGON_SERVERS
L.P.H. van Belle
belle at bazuin.nl
Thu Aug 12 08:54:25 UTC 2021
Do all server the spn : cifs/hostname.fqdn.tld registered in the AD and in the local /etc/krb5.keytab ?
Offcourse the stand alone does not have it, but can add it manualy in AD and keytab file on that server.
Make sure all your server using CIFS have A and PTR records, (even your standalone).
Then thats done, make sure all formats are like this.
Workgroup = ADDOM_IN_CAPS
Realm = SOME.DOM.TLD_IN_CAPS
Check smb.conf and krb5.conf
As far i could tell this looked good.
When above is in place, and your leting the users automount these folder.
Did you set : allow delegate for kerberous services for the servers that do automounting?
sensitive - Set/unset or show UF_NOT_DELEGATED for an account.
If not set it.
Last, the server with samba 4.9.5, upgrade it to at least samba 4.13/14
And now, if you sure all is using kerberos auth, it should work now.
Im using the same here, CIFS and NFS4 kerberized mounts and automounting.
This is how i setup the automouting with systemd on my debian servers.
See how far you get, i'll keep an eye on the list today.
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens Mark
> Amundsen via samba
> Verzonden: donderdag 12 augustus 2021 9:55
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] mount.cifs STATUS_NO_LOGON_SERVERS
> Thanks for your time
> > OK, the two machines running 4.14.6 use SMBv2 as a minimum, your
> > standalone server uses SMBv1 as a minimum, so you may have to add
> > 'vers=2' to your mount command.
> I've tried vers=2.0 3.0 and even 2.1 (simply vers=2 gives an
> invalid argument error), same as before:
> CIFS VFS: Send error in SessSetup = -5
> CIFS VFS: cifs_mount failed w/return code = -5
> Status code returned 0xc000005e STATUS_NO_LOGON_SERVERS
> If I try vers=1.0 it simply says:
> CIFS VFS: cifs_mount failed w/return code = -95
> (also: mount.cifs says: Default has changed to a more secure
> dialect, SMB2.1 or later)
> I created a share on one of the domain-joined windows
> machines and I can connect to that in the same manner as I
> used to connect to the samba fileserver, which leads me to
> belive that something has changed in the fileserver.
> Have I disabled the authentication method that mount.cifs is using?
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba