Shirish, Where could mount.cifs 5.7 binaries for RHEL Linux_2.6_x86 be downloaded? Thanks. -----Original Message----- From: Shirish Pargaonkar [mailto:shirishpargaonkar@xxxxxxxxx] Sent: Thursday, October 25, 2012 4:03 PM To: Li, Mike Cc: linux-cifs@xxxxxxxxxxxxxxx Subject: Re: mount.cifs 1.10 to mount share for windows 2008 R2 On Thu, Oct 25, 2012 at 2:13 PM, Li, Mike <Mike.Li@xxxxxxxxx> wrote: > Thanks Shirish. Worked with sec=ntlmv2i and 2 updates from the MS KB. > > Just for our info what is the latest version of mount.cifs? > Man mount.cifs did not have sec=ntlmv2i as option Mike, I think it is 5.7. > > -----Original Message----- > From: Shirish Pargaonkar [mailto:shirishpargaonkar@xxxxxxxxx] > Sent: Thursday, October 25, 2012 2:23 PM > To: Li, Mike > Cc: linux-cifs@xxxxxxxxxxxxxxx > Subject: Re: mount.cifs 1.10 to mount share for windows 2008 R2 > > On Thu, Oct 25, 2012 at 11:51 AM, Li, Mike <Mike.Li@xxxxxxxxx> wrote: >> >> Thanks Shirish for reply and the KB. I added the key >> AllowLegacySrvCall=1 and updated lmcompatibilitylevel from 4 to 3 >> /root/mount.cifs //10.6.65.66/wwwlog$ /mnt/ny4wnwebtp033 >> -odom=EXT,user=LiM2,sec=ntlmv2; > > Perhaps ntlmv2i might help if server mandates smb signing? > A wireshark trace during this exchange would be helpful. > >> Password: >> mount error 13 = Permission denied >> >> >> 12:30:10.024515 IP 150.123.157.31.53669 > 10.6.65.66.microsoft-ds: S >> 1463279188:1463279188(0) win 5840 <mss 1460,sackOK,timestamp >> 277814120 0,nop,wscale 5> >> 12:30:10.039730 IP 10.6.65.66.microsoft-ds > 150.123.157.31.53669: S >> 2511355381:2511355381(0) ack 1463279189 win 5792 <mss >> 1432,sackOK,timestamp 922908730 277814120,nop,wscale 2> >> 12:30:10.039746 IP 150.123.157.31.53669 > 10.6.65.66.microsoft-ds: . >> ack 1 win 183 <nop,nop,timestamp 277814135 922908730> >> 12:30:10.039779 IP 150.123.157.31.53669 > 10.6.65.66.microsoft-ds: P >> 1:83(82) ack 1 win 183 <nop,nop,timestamp 277814135 922908730> >> 12:30:10.040249 IP 10.6.65.66.microsoft-ds > 150.123.157.31.53669: . >> ack 83 win 1448 <nop,nop,timestamp 922908730 277814135> >> 12:30:10.050957 IP 10.6.65.66.microsoft-ds > 150.123.157.31.53669: P >> 1:118(117) ack 83 win 1448 <nop,nop,timestamp 922908741 277814135> >> 12:30:10.050978 IP 150.123.157.31.53669 > 10.6.65.66.microsoft-ds: . >> ack 118 win 183 <nop,nop,timestamp 277814146 922908741> >> 12:30:10.051013 IP 150.123.157.31.53669 > 10.6.65.66.microsoft-ds: P >> 83:331(248) ack 118 win 183 <nop,nop,timestamp 277814146 922908741> >> 12:30:10.062349 IP 10.6.65.66.microsoft-ds > 150.123.157.31.53669: P >> 118:355(237) ack 331 win 1716 <nop,nop,timestamp 922908752 277814146> >> 12:30:10.077153 IP 150.123.157.31.53669 > 10.6.65.66.microsoft-ds: P >> 331:427(96) ack 355 win 216 <nop,nop,timestamp 277814172 922908752> >> 12:30:10.086069 IP 10.6.65.66.microsoft-ds > 150.123.157.31.53669: P >> 355:394(39) ack 427 win 1716 <nop,nop,timestamp 922908776 277814172> >> 12:30:10.086262 IP 150.123.157.31.53669 > 10.6.65.66.microsoft-ds: P >> 427:470(43) ack 394 win 216 <nop,nop,timestamp 277814181 922908776> >> 12:30:10.095249 IP 10.6.65.66.microsoft-ds > 150.123.157.31.53669: P >> 394:433(39) ack 470 win 1716 <nop,nop,timestamp 922908785 277814181> >> 12:30:10.135767 IP 150.123.157.31.53669 > 10.6.65.66.microsoft-ds: . >> ack 433 win 216 <nop,nop,timestamp 277814231 922908785> >> 12:30:10.221774 IP 150.123.157.31.53669 > 10.6.65.66.microsoft-ds: F >> 470:470(0) ack 433 win 216 <nop,nop,timestamp 277814317 922908785> >> 12:30:10.231159 IP 10.6.65.66.microsoft-ds > 150.123.157.31.53669: F >> 433:433(0) ack 471 win 1716 <nop,nop,timestamp 922908921 277814317> >> 12:30:10.231176 IP 150.123.157.31.53669 > 10.6.65.66.microsoft-ds: . >> ack 434 win 216 <nop,nop,timestamp 277814326 922908921> >> >> -----Original Message----- >> From: Shirish Pargaonkar [mailto:shirishpargaonkar@xxxxxxxxx] >> Sent: Thursday, October 25, 2012 12:18 PM >> To: Li, Mike >> Cc: linux-cifs@xxxxxxxxxxxxxxx >> Subject: Re: mount.cifs 1.10 to mount share for windows 2008 R2 >> >> On Thu, Oct 25, 2012 at 10:52 AM, Li, Mike <Mike.Li@xxxxxxxxx> wrote: >>> I also tried going with port 445, and getting: >>> >>> /root/mount.cifs //10.6.65.66/wwwlog$ /mnt/ny4wnwebtp033 >>> -odom=EXT,user=LiM2,port=445,sec=ntlmv2i; >>> Password: >>> mount error 22 = Invalid argument >>> >>> 11:46:09.729653 IP (tos 0x0, ttl 64, id 57474, offset 0, flags >>> [DF], >>> proto: TCP (6), length: 60) 150.123.157.31.50075 > >>> 10.6.65.66.microsoft-ds: S, cksum 0x271b (correct), >>> 2967089806:2967089806(0) win 5840 <mss 1460,sackOK,timestamp >>> 275173900 0,nop,wscale 5> >>> 11:46:09.738708 IP (tos 0x28, ttl 62, id 0, offset 0, flags [DF], >>> proto: TCP (6), length: 60) 10.6.65.66.microsoft-ds > >>> 150.123.157.31.50075: S, cksum 0x8495 (correct), >>> 4026420658:4026420658(0) ack 2967089807 win 5792 <mss >>> 1432,sackOK,timestamp 920268344 275173900,nop,wscale 2> >>> 11:46:09.738730 IP (tos 0x0, ttl 64, id 57475, offset 0, flags >>> [DF], >>> proto: TCP (6), length: 52) 150.123.157.31.50075 > >>> 10.6.65.66.microsoft-ds: ., cksum 0xc920 (correct), 1:1(0) ack 1 win >>> 183 <nop,nop,timestamp 275173909 920268344> >>> 11:46:09.738830 IP (tos 0x0, ttl 64, id 57476, offset 0, flags >>> [DF], >>> proto: TCP (6), length: 134) 150.123.157.31.50075 > >>> 10.6.65.66.microsoft-ds: P 1:83(82) ack 1 win 183 <nop,nop,timestamp >>> 275173909 920268344> >>> 11:46:09.739294 IP (tos 0x28, ttl 62, id 25482, offset 0, flags >>> [DF], >>> proto: TCP (6), length: 52) 10.6.65.66.microsoft-ds > >>> 150.123.157.31.50075: ., cksum 0xc3dc (correct), 1:1(0) ack 83 win >>> 1448 <nop,nop,timestamp 920268345 275173909> >>> 11:46:09.749951 IP (tos 0x28, ttl 62, id 25484, offset 0, flags >>> [DF], >>> proto: TCP (6), length: 169) 10.6.65.66.microsoft-ds > >>> 150.123.157.31.50075: P 1:118(117) ack 83 win 1448 >>> <nop,nop,timestamp >>> 920268356 275173909> >>> 11:46:09.750005 IP (tos 0x0, ttl 64, id 57477, offset 0, flags >>> [DF], >>> proto: TCP (6), length: 52) 150.123.157.31.50075 > >>> 10.6.65.66.microsoft-ds: ., cksum 0xc841 (correct), 83:83(0) ack 118 >>> win 183 <nop,nop,timestamp 275173921 920268356> >>> 11:46:09.750053 IP (tos 0x0, ttl 64, id 57478, offset 0, flags >>> [DF], >>> proto: TCP (6), length: 300) 150.123.157.31.50075 > >>> 10.6.65.66.microsoft-ds: P 83:331(248) ack 118 win 183 >>> <nop,nop,timestamp 275173921 920268356> >>> 11:46:09.760126 IP (tos 0x28, ttl 62, id 25486, offset 0, flags >>> [DF], >>> proto: TCP (6), length: 91) 10.6.65.66.microsoft-ds > >>> 150.123.157.31.50075: P 118:157(39) ack 331 win 1716 >>> <nop,nop,timestamp 920268366 275173921> >>> 11:46:09.800471 IP (tos 0x0, ttl 64, id 57479, offset 0, flags >>> [DF], >>> proto: TCP (6), length: 52) 150.123.157.31.50075 > >>> 10.6.65.66.microsoft-ds: ., cksum 0xc6e6 (correct), 331:331(0) ack >>> 157 win 183 <nop,nop,timestamp 275173971 920268366> >>> 11:46:09.888773 IP (tos 0x0, ttl 64, id 57480, offset 0, flags >>> [DF], >>> proto: TCP (6), length: 52) 150.123.157.31.50075 > >>> 10.6.65.66.microsoft-ds: F, cksum 0xc68d (correct), 331:331(0) ack >>> 157 win 183 <nop,nop,timestamp 275174059 920268366> >>> 11:46:09.899433 IP (tos 0x28, ttl 62, id 25488, offset 0, flags >>> [DF], >>> proto: TCP (6), length: 52) 10.6.65.66.microsoft-ds > >>> 150.123.157.31.50075: F, cksum 0xc005 (correct), 157:157(0) ack 332 >>> win 1716 <nop,nop,timestamp 920268504 275174059> >>> 11:46:09.899440 IP (tos 0x0, ttl 64, id 57481, offset 0, flags >>> [DF], >>> proto: TCP (6), length: 52) 150.123.157.31.50075 > >>> 10.6.65.66.microsoft-ds: ., cksum 0xc5f7 (correct), 332:332(0) ack >>> 158 win 183 <nop,nop,timestamp 275174070 920268504> >>> >>> >>> -----Original Message----- >>> From: Li, Mike >>> Sent: Thursday, October 25, 2012 10:48 AM >>> To: 'linux-cifs@xxxxxxxxxxxxxxx' >>> Subject: mount.cifs 1.10 to mount share for windows 2008 R2 >>> >>> Hi, >>> >>> Tried to mount a share from windows 2008 R2 on Linux 2.6.19-1.2895.fc6, but have been not successful. >>> Not sure why I'm getting "NBT SessionReject" from the win2008 server. Is there any registry update needed or a newer version of mount.cifs? >>> Please help. Thanks. >>> >>> My version of mount.cifs is 1.10. Not sure if there is a newer version. >>> sec= Security mode. Allowed values are: >>> >>> Â. none attempt to connection as a null user (no >>> name) >>> >>> Â. krb5 Use Kerberos version 5 authentication >>> >>> Â. krb5i Use Kerberos authentication and packet >>> signing >>> >>> Â. ntlm Use NTLM password hashing (default) >>> >>> Â. ntlmi Use NTLM password hashing with signing (if >>> /proc/fs/cifs/PacketSigningEnabled on or if server requires >>> signing also can be the default) >>> >>> Â. ntlmv2 Use NTLMv2 password hashing >>> >>> Â. ntlmv2i Use NTLMv2 password hashing with packet >>> signing >>> >>> [NB This [sec parameter] is under development and expected to be >>> available in cifs kernel module 1.40 and later] >>> >>> >>> # /root/mount.cifs //10.6.65.66/wwwlog$ /mnt/ny4wnwebtp033 >>> -odom=EXT,LiM2,sec=ntlmv2i,port=139 >>> mount error 112 = Host is down >>> # /root/mount.cifs //10.6.65.66/wwwlog$ /mnt/ny4wnwebtp033 >>> -odom=EXT,user=LiM2,sec=krb5,port=139; >>> Password: >>> mount error 112 = Host is down >>> Refer to the mount.cifs(8) manual page (e.g.man mount.cifs) >>> >>> tcpdump host 10.6.65.66 -n -vv >>> tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture >>> size >>> 96 bytes >>> 16:08:00.714252 IP (tos 0x0, ttl 64, id 4663, offset 0, flags [DF], >>> proto: TCP (6), length: 60) 150.123.157.31.56122 > >>> 10.6.65.66.netbios-ssn: S, cksum 0x1f2f (correct), >>> 1324558118:1324558118(0) win 5840 <mss 1460,sackOK,timestamp >>> 204485905 0,nop,wscale 5> >>> 16:08:00.729388 IP (tos 0x28, ttl 62, id 0, offset 0, flags [DF], >>> proto: TCP (6), length: 60) 10.6.65.66.netbios-ssn > >>> 150.123.157.31.56122: S, cksum 0xc876 (correct), >>> 2392791643:2392791643(0) ack 1324558119 win 5792 <mss >>> 1432,sackOK,timestamp 849574744 204485905,nop,wscale 2> >>> 16:08:00.729396 IP (tos 0x0, ttl 64, id 4664, offset 0, flags [DF], >>> proto: TCP (6), length: 52) 150.123.157.31.56122 > >>> 10.6.65.66.netbios-ssn: ., cksum 0x0cfc (correct), 1:1(0) ack 1 win >>> 183 <nop,nop,timestamp 204485920 849574744> >>> 16:08:00.729466 IP (tos 0x0, ttl 64, id 4665, offset 0, flags [DF], >>> proto: TCP (6), length: 124) 150.123.157.31.56122 > >>> 10.6.65.66.netbios-ssn: P 1:73(72) ack 1 win 183 <nop,nop,timestamp >>> 204485920 849574744> >>>>>> NBT Session Packet >>> NBT Session Request >>> Flags=0x0 >>> Length=68 (0x44) >>> Destination= >>> WARNING: Short packet. Try increasing the snap length >>> >>> >>> 16:08:00.729980 IP (tos 0x28, ttl 62, id 24837, offset 0, flags >>> [DF], >>> proto: TCP (6), length: 52) 10.6.65.66.netbios-ssn > >>> 150.123.157.31.56122: ., cksum 0x07c2 (correct), 1:1(0) ack 73 win >>> 1448 <nop,nop,timestamp 849574745 204485920> >>> 16:08:00.730880 IP (tos 0x0, ttl 64, id 4666, offset 0, flags [DF], >>> proto: TCP (6), length: 134) 150.123.157.31.56122 > >>> 10.6.65.66.netbios-ssn: P 73:155(82) ack 1 win 183 >>> <nop,nop,timestamp >>> 204485922 849574745> >>>>>> NBT Session Packet >>> NBT Session Message >>> Flags=0x0 >>> Length=78 (0x4e) >>> WARNING: Short packet. Try increasing the snap length by 52 >>> >>> SMB PACKET: SMBnegprot (REQUEST) >>> SMB Command = 0x72 >>> Error class = 0x0 >>> Error code = 0 (0x0) >>> Flags1 = 0x0 >>> Flags2 = 0x1 >>> Tree ID = 0 (0x0) >>> Proc ID = >>> WARNING: Short packet. Try increasing the snap length [|SMB] >>> >>> 16:08:00.731379 IP (tos 0x28, ttl 62, id 24839, offset 0, flags >>> [DF], >>> proto: TCP (6), length: 52) 10.6.65.66.netbios-ssn > >>> 150.123.157.31.56122: ., cksum 0x076d (correct), 1:1(0) ack 155 win >>> 1448 <nop,nop,timestamp 849574746 204485922> >>> 16:08:00.740412 IP (tos 0x28, ttl 62, id 24841, offset 0, flags >>> [DF], >>> proto: TCP (6), length: 57) 10.6.65.66.netbios-ssn > >>> 150.123.157.31.56122: P, cksum 0x0255 (correct), 1:6(5) ack 155 win >>> 1448 <nop,nop,timestamp 849574755 204485922> >>>>>> NBT Session Packet >>> NBT SessionReject >>> Flags=0x0 >>> Length=1 (0x1) >>> Reason=0x82 >>> Called name not present >>> >>> >>> 16:08:00.740512 IP (tos 0x0, ttl 64, id 4667, offset 0, flags [DF], >>> proto: TCP (6), length: 52) 150.123.157.31.56122 > >>> 10.6.65.66.netbios-ssn: ., cksum 0x0c47 (correct), 155:155(0) ack 6 >>> win 183 <nop,nop,timestamp 204485931 849574755> >>> 16:08:00.747499 IP (tos 0x28, ttl 62, id 24843, offset 0, flags >>> [DF], >>> proto: TCP (6), length: 52) 10.6.65.66.netbios-ssn > >>> 150.123.157.31.56122: F, cksum 0x074e (correct), 6:6(0) ack 155 win >>> 1448 <nop,nop,timestamp 849574762 204485931> >>> 16:08:00.786870 IP (tos 0x0, ttl 64, id 4668, offset 0, flags [DF], >>> proto: TCP (6), length: 52) 150.123.157.31.56122 > >>> 10.6.65.66.netbios-ssn: ., cksum 0x0c10 (correct), 155:155(0) ack 7 >>> win 183 <nop,nop,timestamp 204485978 849574762> >>> 16:08:00.866869 IP (tos 0x0, ttl 64, id 4669, offset 0, flags [DF], >>> proto: TCP (6), length: 52) 150.123.157.31.56122 > >>> 10.6.65.66.netbios-ssn: R, cksum 0x0bbc (correct), 155:155(0) ack 7 >>> win 183 <nop,nop,timestamp 204486058 849574762> >>> >>> >>> Confidentiality Notice: This email, including attachments, may >>> include non-public, proprietary, confidential or legally privileged >>> information. If you are not an intended recipient or an authorized >>> agent of an intended recipient, you are hereby notified that any >>> dissemination, distribution or copying of the information contained >>> in or transmitted with this e-mail is unauthorized and strictly >>> prohibited. If you have received this email in error, please notify >>> the sender by replying to this message and permanently delete this >>> e-mail, its attachments, and any copies of it immediately. You >>> should not retain, copy or use this e-mail or any attachment for any >>> purpose, nor disclose all or any part of the contents to any other person. >>> Thank you >>> >>> -- >>> To unsubscribe from this list: send the line "unsubscribe linux-cifs" >>> in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo >>> info at http://vger.kernel.org/majordomo-info.html >> >> Perhaps the Windows 2008 server is missing this patch! >> >> http://support.microsoft.com/kb/957441/en-us >> >> Confidentiality Notice: This email, including attachments, may >> include non-public, proprietary, confidential or legally privileged >> information. If you are not an intended recipient or an authorized >> agent of an intended recipient, you are hereby notified that any >> dissemination, distribution or copying of the information contained >> in or transmitted with this e-mail is unauthorized and strictly >> prohibited. If you have received this email in error, please notify >> the sender by replying to this message and permanently delete this >> e-mail, its attachments, and any copies of it immediately. You >> should not retain, copy or use this e-mail or any attachment for any >> purpose, nor disclose all or any part of the contents to any other person. >> Thank you >> >> > > Confidentiality Notice: This email, including attachments, may > include non-public, proprietary, confidential or legally privileged > information. If you are not an intended recipient or an authorized > agent of an intended recipient, you are hereby notified that any > dissemination, distribution or copying of the information contained in > or transmitted with this e-mail is unauthorized and strictly > prohibited. If you have received this email in error, please notify > the sender by replying to this message and permanently delete this > e-mail, its attachments, and any copies of it immediately. You should > not retain, copy or use this e-mail or any attachment for any purpose, > nor disclose all or any part of the contents to any other person. > Thank you > > Confidentiality Notice: This email, including attachments, may include non-public, proprietary, confidential or legally privileged information. If you are not an intended recipient or an authorized agent of an intended recipient, you are hereby notified that any dissemination, distribution or copying of the information contained in or transmitted with this e-mail is unauthorized and strictly prohibited. If you have received this email in error, please notify the sender by replying to this message and permanently delete this e-mail, its attachments, and any copies of it immediately. You should not retain, copy or use this e-mail or any attachment for any purpose, nor disclose all or any part of the contents to any other person. Thank you -- To unsubscribe from this list: send the line "unsubscribe linux-cifs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html