On Mon, Nov 29, 2010 at 8:20 AM, Robbert Kouprie <robbert@xxxxxx> wrote: > Hi Shirish, > > Thanks for your reply. > > The DFS root is on 3 domain controllers, one 2003SP2 (10.0.0.11), one 2008 > (10.0.0.12) and one 2008R2 (10.0.0.13). > > sec=ntlmssp gives me STATUS_NOT_SUPPORTED: > > fs/cifs/cifsfs.c: Devname: //sox.local/company/ flags: 64 > fs/cifs/connect.c: CIFS VFS: in cifs_mount as Xid: 215 with uid: 0 > fs/cifs/connect.c: Domain name set > fs/cifs/connect.c: Username: kouprie > fs/cifs/connect.c: UNC: \\sox.local\company ip: 10.0.0.11 > fs/cifs/connect.c: Socket created > fs/cifs/connect.c: sndbuf 16384 rcvbuf 87380 rcvtimeo 0x6d6 > fs/cifs/connect.c: CIFS VFS: in cifs_get_smb_ses as Xid: 216 with uid: 0 > fs/cifs/connect.c: Existing smb sess not found > fs/cifs/cifssmb.c: secFlags 0x80 > fs/cifs/cifssmb.c: NTLMSSP only mechanism, enable extended security > fs/cifs/transport.c: For smb_command 114 > fs/cifs/transport.c: Sending smb: total_len 82 > fs/cifs/connect.c: Demultiplex PID: 1860 > fs/cifs/connect.c: rfc1002 length 0xb4 > fs/cifs/cifssmb.c: Dialect: 2 > fs/cifs/asn1.c: OID len = 7 oid = 0x1 0x2 0x348 0xbb92 > fs/cifs/asn1.c: OID len = 7 oid = 0x1 0x2 0x348 0x1bb92 > fs/cifs/asn1.c: OID len = 8 oid = 0x1 0x2 0x348 0x1bb92 > fs/cifs/asn1.c: OID len = 10 oid = 0x1 0x3 0x6 0x1 > fs/cifs/asn1.c: Need to call asn1_octets_decode() function for > soxdft01$@SOX.LOCAL > fs/cifs/cifssmb.c: Signing disabled > fs/cifs/cifssmb.c: negprot rc 0 > fs/cifs/connect.c: Security Mode: 0x3 Capabilities: 0x8001f3fd TimeAdjust: > -3600 > fs/cifs/sess.c: sess setup type 3 > fs/cifs/sess.c: ntlmssp session setup phase 1 > fs/cifs/transport.c: For smb_command 115 > fs/cifs/transport.c: Sending smb: total_len 198 > fs/cifs/connect.c: rfc1002 length 0x27 > Status code returned 0xc00000bb NT_STATUS_NOT_SUPPORTED > fs/cifs/netmisc.c: Mapping smb error code 50 to POSIX err -22 > fs/cifs/misc.c: Null buffer passed to cifs_small_buf_release > fs/cifs/sess.c: ssetup freeing small buf f0d05500 > CIFS VFS: Send error in SessSetup = -22 > fs/cifs/connect.c: CIFS VFS: leaving cifs_get_smb_ses (xid = 216) rc = -22 > fs/cifs/connect.c: CIFS VFS: leaving cifs_mount (xid = 215) rc = -22 > CIFS VFS: cifs_mount failed w/return code = -22 > > By the way: > > # cat /proc/fs/cifs/Experimental > 2 > > Regards, > > -- > Robbert > > On Mon, 29 Nov 2010, Shirish Pargaonkar wrote: > >> On Mon, Nov 29, 2010 at 6:33 AM, Robbert Kouprie <robbert@xxxxxx> wrote: >>> >>> Hi all, >>> >>> I am trying to mount our DFS root using NTLMv2, but this fails when >>> resolving the DFS target. Surprisingly, when I use NTLM, it does work. >>> >>> This fails: >>> >>> # mount -t cifs //sox.local/company /mnt/bla/ -o >>> username=kouprie,dom=sox,sec=ntlmv2 >>> >>> This works: >>> >>> # mount -t cifs //sox.local/company /mnt/bla/ -o >>> username=kouprie,dom=sox,sec=ntlm >>> >>> I am using linux kernel 2.6.37-rc3 and cifs-utils 4.5-2. >>> I have keyutils 1.4 installed and configured correctly (obviously, since >>> it >>> works when using sec=ntlm). >>> The domain is configured to "Send NTLMv2 response only. Refuse LM". >>> >>> # cat /proc/fs/cifs/DebugData >>> Display Internal CIFS Data Structures for Debugging >>> --------------------------------------------------- >>> CIFS Version 1.68 >>> Features: dfs lanman posix spnego xattr >>> Active VFS Requests: 0 >>> Servers: >>> >>> Log exempt: >>> >>> fs/cifs/cifsfs.c: Devname: //sox.local/company/ flags: 64 >>> fs/cifs/connect.c: CIFS VFS: in cifs_mount as Xid: 6 with uid: 0 >>> fs/cifs/connect.c: Domain name set >>> fs/cifs/connect.c: Username: kouprie >>> fs/cifs/connect.c: UNC: \\sox.local\company ip: 10.0.0.11 >>> fs/cifs/connect.c: Socket created >>> fs/cifs/connect.c: sndbuf 16384 rcvbuf 87380 rcvtimeo 0x6d6 >>> fs/cifs/connect.c: CIFS VFS: in cifs_get_smb_ses as Xid: 7 with uid: 0 >>> fs/cifs/connect.c: Existing smb sess not found >>> fs/cifs/cifssmb.c: secFlags 0x4 >>> fs/cifs/connect.c: Demultiplex PID: 1395 >>> fs/cifs/transport.c: For smb_command 114 >>> fs/cifs/transport.c: Sending smb: total_len 82 >>> fs/cifs/connect.c: rfc1002 length 0x6b >>> fs/cifs/cifssmb.c: Dialect: 2 >>> fs/cifs/cifssmb.c: Signing disabled >>> fs/cifs/cifssmb.c: negprot rc 0 >>> fs/cifs/connect.c: Security Mode: 0x3 Capabilities: 0x1f3fd TimeAdjust: >>> -3600 >>> fs/cifs/sess.c: sess setup type 2 >>> fs/cifs/transport.c: For smb_command 115 >>> fs/cifs/transport.c: Sending smb: total_len 316 >>> fs/cifs/connect.c: rfc1002 length 0xb5 >>> fs/cifs/misc.c: Null buffer passed to cifs_small_buf_release >>> fs/cifs/sess.c: UID = 8192 >>> fs/cifs/sess.c: bleft 135 >>> fs/cifs/sess.c: serverOS=Windows Server 2003 3790 Service Pack 2 >>> fs/cifs/sess.c: serverNOS=Windows Server 2003 5.2 >>> fs/cifs/sess.c: serverDomain=SOX >>> fs/cifs/sess.c: ssetup freeing small buf f0c40000 >>> fs/cifs/connect.c: CIFS Session Established successfully >>> fs/cifs/connect.c: CIFS VFS: leaving cifs_get_smb_ses (xid = 7) rc = 0 >>> fs/cifs/connect.c: file mode: 0x1ed dir mode: 0x1ed >>> fs/cifs/connect.c: CIFS VFS: in cifs_get_tcon as Xid: 8 with uid: 0 >>> fs/cifs/transport.c: For smb_command 117 >>> fs/cifs/transport.c: Sending smb: total_len 94 >>> fs/cifs/connect.c: rfc1002 length 0x27 >>> Status code returned 0xc0000257 NT_STATUS_PATH_NOT_COVERED >>> fs/cifs/netmisc.c: Mapping smb error code 3 to POSIX err -66 >>> fs/cifs/connect.c: CIFS VFS: leaving cifs_get_tcon (xid = 8) rc = -66 >>> fs/cifs/connect.c: CIFS Tcon rc = -66 >>> fs/cifs/connect.c: Getting referral for: \\sox.local\company >>> fs/cifs/transport.c: For smb_command 117 >>> fs/cifs/transport.c: Sending smb: total_len 88 >>> fs/cifs/connect.c: rfc1002 length 0x3c >>> fs/cifs/connect.c: CIFS Tcon rc = 0 ipc_tid = 4100 >>> fs/cifs/cifssmb.c: In GetDFSRefer the path \sox.local\company >>> fs/cifs/transport.c: For smb_command 50 >>> fs/cifs/transport.c: Sending smb: total_len 112 >>> fs/cifs/connect.c: rfc1002 length 0x11c >>> fs/cifs/cifssmb.c: Decoding GetDFSRefer response BCC: 225 Offset 56 >>> fs/cifs/cifssmb.c: num_referrals: 2 dfs flags: 0x3 ... >>> >>> cifs.upcall: key description: dns_resolver;0;0;3f000000;SOXSRV03\C >>> cifs.upcall: unable to resolve hostname: SOXSRV03\C [Name or service not >>> known] >>> >>> CIFS VFS: dns_resolve_server_name_to_ip: unable to resolve: SOXSRV03\C >>> CIFS VFS: cifs_compose_mount_options: Failed to resolve server part of >>> \\SOXSRV03\Company to IP: -126 >>> fs/cifs/connect.c: cifs_put_smb_ses: ses_count=1 >>> >>> fs/cifs/connect.c: CIFS VFS: in cifs_put_smb_ses as Xid: 9 with uid: 0 >>> fs/cifs/cifssmb.c: In SMBLogoff for session disconnect >>> fs/cifs/transport.c: For smb_command 116 >>> fs/cifs/transport.c: Sending smb: total_len 43 >>> fs/cifs/connect.c: rfc1002 length 0x2b >>> fs/cifs/connect.c: CIFS VFS: leaving cifs_mount (xid = 6) rc = -126 >>> CIFS VFS: cifs_mount failed w/return code = -126 >>> >>> As you can see above, upcall tries to resolve "SOXSRV03\C", which is >>> obviously the hostname including the first letter of the share. >>> >>> Does anyone know how I can fix this? >>> >>> Best regards, >>> >>> -- >>> Robbert >>> -- >>> To unsubscribe from this list: send the line "unsubscribe linux-cifs" in >>> the body of a message to majordomo@xxxxxxxxxxxxxxx >>> More majordomo info at http://vger.kernel.org/majordomo-info.html >>> >> >> You can try sec=ntlmssp. What kind of Windows box is this? >> >> > Robert, does sec=ntlmssp without dom=sox helps? A wireshark trace when you issue mount command would be useful. Regards, Shirish -- To unsubscribe from this list: send the line "unsubscribe linux-cifs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
