[Bug 510171] [NEW] connection from windows clients only works using IP, not using hostname
Jurgen Depicker
jurgen.lists at gmail.com
Wed Jan 20 16:05:34 GMT 2010
Public bug reported:
Binary package hint: samba
*Situation: linux samba server (named NAS) in a corporate network; many clients: ubuntu desktop & server, W2K, WXP, WVista, W7
*problem: since a couple of months, vista (or W7) clients can no longer connect to the NAS by hostname. Connection by IP does work. We don't enter a username, since there is no need for this (smb.conf further below). The problem is only present for Vista Business or W7 Professional.
I tried the fixes reported here and there for authentication level default in Vista and later, eg on http://alinconstantin.blogspot.com/2009/10/windows-7-cannot-access-smb-shares-on.html
but this didn't solve my problem.
* NAS smb server configuration:
root at nas:~# smbd --version
Version 3.3.2
root at nas:~# lsb_release -rd
Description: Ubuntu 9.04
Release: 9.04
smb.conf (only one share definition included; it is INSTALL allowing anonymous access):
# Samba config file created using SWAT
# from UNKNOWN ()
# Date: 2009/10/27 14:25:30
[global]
netbios name = NAS
workgroup = LETDEINZE
server string = %h server (Samba, Ubuntu)
client schannel = Yes
server schannel = Yes
map to guest = Bad User
guest account = nobody
obey pam restrictions = Yes
passdb backend = tdbsam
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
unix password sync = Yes
syslog = 0
log level = 3
log file = /var/log/samba/log.%m
max log size = 1000
dns proxy = No
usershare allow guests = Yes
panic action = /usr/share/samba/panic-action %d
admin users = beheerder, JDE
create mask = 03660
directory mask = 03770
#for vista compatibility
client lanman auth = no
client ntlmv2 auth = yes
netbios name = nas
[install]
comment = Source of installation files
path = /media/install
invalid users = root
admin users =
write list = +Installers
create mask = 03644
directory mask = 03755
browseable = yes
guest ok = yes
Demo of the problem, trying to connect from W7 Professional:
C:\Users\jde>ping nas
Pinging nas [172.16.1.4] with 32 bytes of data:
Reply from 172.16.1.4: bytes=32 time=22ms TTL=64
Reply from 172.16.1.4: bytes=32 time=1ms TTL=64
Reply from 172.16.1.4: bytes=32 time=1ms TTL=64
Reply from 172.16.1.4: bytes=32 time=3ms TTL=64
Ping statistics for 172.16.1.4:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 22ms, Average = 6ms
C:\Users\jde>net use \\nas
The password or user name is invalid for \\nas.
Enter the user name for 'nas':
System error 1223 has occurred.
The operation was canceled by the user.
C:\Users\jde>net use \\172.16.1.4
The command completed successfully.
Samba log:
I include two logs. The first is the connection by hostname, which fails. This log is identical to the second log (connection by IP) for the first 38 lines. I mark this start-of-difference with'******(from here different with second log)*****'.
(first, non-working connection by hostname)
[2010/01/19 17:35:54, 3] smbd/oplock.c:init_oplocks(910)
init_oplocks: initializing messages.
[2010/01/19 17:35:54, 3] smbd/oplock_linux.c:linux_init_kernel_oplocks(241)
Linux kernel oplocks enabled
[2010/01/19 17:35:54, 3] smbd/process.c:process_smb(1576)
Transaction 0 of length 159 (0 toread)
[2010/01/19 17:35:54, 3] smbd/process.c:switch_message(1393)
switch message SMBnegprot (pid 23957) conn 0x0
[2010/01/19 17:35:54, 3] smbd/sec_ctx.c:set_sec_ctx(324)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2010/01/19 17:35:54, 3] smbd/negprot.c:reply_negprot(569)
Requested protocol [PC NETWORK PROGRAM 1.0]
[2010/01/19 17:35:54, 3] smbd/negprot.c:reply_negprot(569)
Requested protocol [LANMAN1.0]
[2010/01/19 17:35:54, 3] smbd/negprot.c:reply_negprot(569)
Requested protocol [Windows for Workgroups 3.1a]
[2010/01/19 17:35:54, 3] smbd/negprot.c:reply_negprot(569)
Requested protocol [LM1.2X002]
[2010/01/19 17:35:54, 3] smbd/negprot.c:reply_negprot(569)
Requested protocol [LANMAN2.1]
[2010/01/19 17:35:54, 3] smbd/negprot.c:reply_negprot(569)
Requested protocol [NT LM 0.12]
[2010/01/19 17:35:54, 3] smbd/negprot.c:reply_negprot(569)
Requested protocol [SMB 2.002]
[2010/01/19 17:35:54, 3] smbd/negprot.c:reply_negprot(569)
Requested protocol [SMB 2.???]
[2010/01/19 17:35:54, 3] smbd/negprot.c:reply_nt1(392)
using SPNEGO
[2010/01/19 17:35:54, 3] smbd/negprot.c:reply_negprot(674)
Selected protocol NT LM 0.12
[2010/01/19 17:35:54, 3] smbd/process.c:process_smb(1576)
Transaction 1 of length 1640 (0 toread)
[2010/01/19 17:35:54, 3] smbd/process.c:switch_message(1393)
switch message SMBsesssetupX (pid 23957) conn 0x0
[2010/01/19 17:35:54, 3] smbd/sec_ctx.c:set_sec_ctx(324)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2010/01/19 17:35:54, 3] smbd/sesssetup.c:reply_sesssetup_and_X(1412)
wct=12 flg2=0xc807
[2010/01/19 17:35:54, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(1175)
Doing spnego session setup
[2010/01/19 17:35:54, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(1210)
NativeOS=[] NativeLanMan=[] PrimaryDomain=[]
[2010/01/19 17:35:54, 3] smbd/sesssetup.c:reply_spnego_negotiate(802)
reply_spnego_negotiate: Got secblob of size 1495
[2010/01/19 17:35:54, 3] smbd/sesssetup.c:reply_spnego_downgrade_to_ntlmssp(770)
reply_spnego_downgrade_to_ntlmssp: Got krb5 ticket in SPNEGO but set to downgrade to NTLMSSP
[2010/01/19 17:35:54, 3] smbd/process.c:process_smb(1576)
Transaction 2 of length 120 (0 toread)
[2010/01/19 17:35:54, 3] smbd/process.c:switch_message(1393)
switch message SMBsesssetupX (pid 23957) conn 0x0
[2010/01/19 17:35:54, 3] smbd/sec_ctx.c:set_sec_ctx(324)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2010/01/19 17:35:54, 3] smbd/sesssetup.c:reply_sesssetup_and_X(1412)
wct=12 flg2=0xc807
******(from here different with second log)*****
[2010/01/19 17:35:54, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(1175)
Doing spnego session setup
[2010/01/19 17:35:54, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(1210)
NativeOS=[] NativeLanMan=[] PrimaryDomain=[]
[2010/01/19 17:35:54, 3] libsmb/clispnego.c:spnego_parse_auth(477)
spnego_parse_auth failed at 5
[2010/01/19 17:35:54, 3] smbd/error.c:error_packet_set(61)
error packet at smbd/sesssetup.c(877) cmd=115 (SMBsesssetupX) NT_STATUS_LOGON_FAILURE
[2010/01/19 17:36:09, 0] lib/util_sock.c:read_socket_with_timeout(939)
[2010/01/19 17:36:09, 0] lib/util_sock.c:get_peer_addr_internal(1676)
getpeername failed. Error was Transport endpoint is not connected
read_socket_with_timeout: client 0.0.0.0 read error = Connection reset by peer.
[2010/01/19 17:36:09, 3] smbd/process.c:smbd_process(1952)
receive_message_or_smb failed: NT_STATUS_ACCESS_DENIED, exiting
[2010/01/19 17:36:09, 3] smbd/sec_ctx.c:set_sec_ctx(324)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2010/01/19 17:36:09, 3] smbd/connection.c:yield_connection(31)
Yielding connection to
[2010/01/19 17:36:09, 3] smbd/server.c:exit_server_common(964)
Server exit (normal exit)
(second, working connection by hostname)
[2010/01/19 17:37:28, 3] smbd/oplock.c:init_oplocks(910)
init_oplocks: initializing messages.
[2010/01/19 17:37:28, 3] smbd/oplock_linux.c:linux_init_kernel_oplocks(241)
Linux kernel oplocks enabled
[2010/01/19 17:37:28, 3] smbd/process.c:process_smb(1576)
Transaction 0 of length 159 (0 toread)
[2010/01/19 17:37:28, 3] smbd/process.c:switch_message(1393)
switch message SMBnegprot (pid 23981) conn 0x0
[2010/01/19 17:37:28, 3] smbd/sec_ctx.c:set_sec_ctx(324)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2010/01/19 17:37:28, 3] smbd/negprot.c:reply_negprot(569)
Requested protocol [PC NETWORK PROGRAM 1.0]
[2010/01/19 17:37:28, 3] smbd/negprot.c:reply_negprot(569)
Requested protocol [LANMAN1.0]
[2010/01/19 17:37:28, 3] smbd/negprot.c:reply_negprot(569)
Requested protocol [Windows for Workgroups 3.1a]
[2010/01/19 17:37:28, 3] smbd/negprot.c:reply_negprot(569)
Requested protocol [LM1.2X002]
[2010/01/19 17:37:28, 3] smbd/negprot.c:reply_negprot(569)
Requested protocol [LANMAN2.1]
[2010/01/19 17:37:28, 3] smbd/negprot.c:reply_negprot(569)
Requested protocol [NT LM 0.12]
[2010/01/19 17:37:28, 3] smbd/negprot.c:reply_negprot(569)
Requested protocol [SMB 2.002]
[2010/01/19 17:37:28, 3] smbd/negprot.c:reply_negprot(569)
Requested protocol [SMB 2.???]
[2010/01/19 17:37:28, 3] smbd/negprot.c:reply_nt1(392)
using SPNEGO
[2010/01/19 17:37:28, 3] smbd/negprot.c:reply_negprot(674)
Selected protocol NT LM 0.12
[2010/01/19 17:37:28, 3] smbd/process.c:process_smb(1576)
Transaction 1 of length 142 (0 toread)
[2010/01/19 17:37:28, 3] smbd/process.c:switch_message(1393)
switch message SMBsesssetupX (pid 23981) conn 0x0
[2010/01/19 17:37:28, 3] smbd/sec_ctx.c:set_sec_ctx(324)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2010/01/19 17:37:28, 3] smbd/sesssetup.c:reply_sesssetup_and_X(1412)
wct=12 flg2=0xc807
[2010/01/19 17:37:28, 2] smbd/sesssetup.c:setup_new_vc_session(1368)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
[2010/01/19 17:37:28, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(1175)
Doing spnego session setup
[2010/01/19 17:37:28, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(1210)
NativeOS=[] NativeLanMan=[] PrimaryDomain=[]
[2010/01/19 17:37:28, 3] smbd/sesssetup.c:reply_spnego_negotiate(802)
reply_spnego_negotiate: Got secblob of size 40
[2010/01/19 17:37:28, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62)
Got NTLMSSP neg_flags=0xe2088297
[2010/01/19 17:37:28, 3] smbd/process.c:process_smb(1576)
Transaction 2 of length 268 (0 toread)
[2010/01/19 17:37:28, 3] smbd/process.c:switch_message(1393)
switch message SMBsesssetupX (pid 23981) conn 0x0
[2010/01/19 17:37:28, 3] smbd/sec_ctx.c:set_sec_ctx(324)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2010/01/19 17:37:28, 3] smbd/sesssetup.c:reply_sesssetup_and_X(1412)
wct=12 flg2=0xc807
******(from here different with first log)*****
[2010/01/19 17:37:28, 2] smbd/sesssetup.c:setup_new_vc_session(1368)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
[2010/01/19 17:37:28, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(1175)
Doing spnego session setup
[2010/01/19 17:37:28, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(1210)
NativeOS=[] NativeLanMan=[] PrimaryDomain=[]
[2010/01/19 17:37:28, 3] libsmb/ntlmssp.c:ntlmssp_server_auth(747)
Got user=[JDE] domain=[LETDEINZE] workstation=[LAP022] len1=24 len2=24
** Affects: samba (Ubuntu)
Importance: Undecided
Status: New
--
connection from windows clients only works using IP, not using hostname
https://bugs.launchpad.net/bugs/510171
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to samba in ubuntu.
More information about the Ubuntu-server-bugs
mailing list