12461 – smbclient unable work with DFS share

Bug 12461 - smbclient unable work with DFS share

Summary: smbclient unable work with DFS share

Status:	NEW

Alias:	None

Product:	Samba 4.1 and newer
Classification:	Unclassified
Component:	libsmbclient (show other bugs)
Version:	4.5.1
Hardware:	All All

Importance:	P5 normal (vote)
Target Milestone:	---
Assignee:	Andrew Bartlett
QA Contact:	Samba QA Contact

URL:
Keywords:

Depends on:
Blocks:

Reported:	2016-12-06 12:48 UTC by mikhail.v.gavrilov
Modified:	2017-02-08 17:37 UTC (History)
CC List:	2 users (show)

See Also:

Attachments
samba.log (28.52 KB, text/plain) 2017-01-30 10:43 UTC, mikhail.v.gavrilov	no flags	Details
dump (83.97 KB, text/plain) 2017-01-30 10:56 UTC, mikhail.v.gavrilov	no flags	Details
dump binary (721.83 KB, application/vnd.tcpdump.pcap) 2017-01-30 15:26 UTC, mikhail.v.gavrilov	no flags	Details
dump binary (5.64 KB, application/vnd.tcpdump.pcap) 2017-01-30 18:17 UTC, mikhail.v.gavrilov	no flags	Details
samba.log (10.07 KB, text/x-log) 2017-01-31 15:39 UTC, mikhail.v.gavrilov	no flags	Details
dump.pcap (7.94 KB, application/vnd.tcpdump.pcap) 2017-01-31 15:46 UTC, mikhail.v.gavrilov	no flags	Details
samba.log (9.64 KB, text/x-log) 2017-01-31 17:09 UTC, mikhail.v.gavrilov	no flags	Details
dump.pcap (5.92 KB, application/vnd.tcpdump.pcap) 2017-01-31 17:11 UTC, mikhail.v.gavrilov	no flags	Details
smbclient.log (24.86 KB, text/x-log) 2017-02-07 19:37 UTC, mikhail.v.gavrilov	no flags	Details
dump.pcap (6.50 KB, application/vnd.tcpdump.pcap) 2017-02-07 19:38 UTC, mikhail.v.gavrilov	no flags	Details
smbclient.log (9.25 KB, text/plain) 2017-02-08 17:37 UTC, mikhail.v.gavrilov	no flags	Details
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description mikhail.v.gavrilov 2016-12-06 12:48:45 UTC

$ smbclient --version
Version 4.5.1


$ smbclient -L //corp.tensor.ru/DFS -U mv.gavrilov -W REGION
Enter mv.gavrilov's password:
Domain=[TENSOR-CORP] OS=[Windows Server 2012 Standard 9200] Server=[Windows Server 2012 Standard 6.2]

        Sharename       Type      Comment
        ---------       ----      -------
        ADMIN$          Disk      Удаленный Admin
        C$              Disk      Стандартный общий ресурс
        DFS             Disk
        IPC$            IPC       Удаленный IPC
        NETLOGON        Disk      Общий сервер входа
        SYSVOL          Disk      Общий сервер входа
Connection to corp.tensor.ru failed (Error NT_STATUS_RESOURCE_NAME_NOT_FOUND)
NetBIOS over TCP disabled -- no workgroup available

Second launch get another result:

$ smbclient -L //corp.tensor.ru/DFS -U mv.gavrilov -W REGION
Enter mv.gavrilov's password:
Domain=[TENSOR-CORP] OS=[Windows Server 2012 R2 Datacenter 9600] Server=[Windows Server 2012 R2 Datacenter 6.3] 
tree connect failed: NT_STATUS_DUPLICATE_NAME


Not show server info here.

$ smbclient //corp.tensor.ru/DFS -U mv.gavrilov -W REGION -c "ls Usersspace/*"
Enter mv.gavrilov's password:
Domain=[TENSOR-CORP] OS=[Windows Server 2012 R2 Standard 9600] Server=[Windows Server 2012 R2 Standard 6.3]
tree connect failed: NT_STATUS_BAD_NETWORK_NAME

Second launch get another result:

$ smbclient //corp.tensor.ru/DFS -U mv.gavrilov -W REGION -c "ls Usersspace/*"
Enter mv.gavrilov's password:
Domain=[TENSOR-CORP] OS=[Windows Server 2012 R2 Datacenter 9600] Server=[Windows Server 2012 R2 Datacenter 6.3] 
tree connect failed: NT_STATUS_DUPLICATE_NAME


Not listed directories here.

Comment 1 Aurélien Aptel 2017-01-19 13:57:51 UTC

Could you provide a network capture (using wireshark or tcpdump) and full debug log (call smbclient with -d10).

Comment 2 mikhail.v.gavrilov 2017-01-30 10:43:02 UTC

Created attachment 12862 [details]
samba.log

Comment 3 mikhail.v.gavrilov 2017-01-30 10:56:41 UTC

Created attachment 12863 [details]
dump

Comment 4 Aurélien Aptel 2017-01-30 14:41:15 UTC

Thanks Mikhail, however the dump you attached is not a proper binary pcap capture. See [1] for help in making the capture.

1: https://wiki.samba.org/index.php/Capture_Packets

Comment 5 mikhail.v.gavrilov 2017-01-30 15:26:46 UTC

Created attachment 12867 [details]
dump binary

Comment 6 mikhail.v.gavrilov 2017-01-30 18:17:14 UTC

Created attachment 12869 [details]
dump binary

Comment 7 Aurélien Aptel 2017-01-31 14:39:30 UTC

Do you know how the domain is resolved? (DNS or an entry in /etc/hosts or..) it could be related to the domain name you use not matching netbios name the server has.

Can you try to access the server via IP address?

    smbclient //10.76.4.20/DFS ....

Comment 8 mikhail.v.gavrilov 2017-01-31 15:39:49 UTC

Created attachment 12885 [details]
samba.log

Comment 9 mikhail.v.gavrilov 2017-01-31 15:42:36 UTC

> Do you know how the domain is resolved?
Domain for server: corp.tensor.ru (NETBIOS name TENSOR-CORP)
Domain with my account: region.tensor.ru (NETBIOS name REGION)

Comment 10 mikhail.v.gavrilov 2017-01-31 15:46:47 UTC

Created attachment 12886 [details]
dump.pcap

Comment 11 Aurélien Aptel 2017-01-31 16:39:32 UTC

If you look at packet #17 (DFS referral response) you can see that the server has its DFS links set using non-dns names:

  Path: \10.76.4.20\DFS
  Alt Path: \10.76.4.20\DFS
  Node: \DC1\DFS
         ^^^ here

Which is not the best practice. So solution 1 would be to fix the server and use fqdn names.

If you don't want to touch the server:

Solution 2: The logs seems to imply that its trying to use nmbd to resolve the netbios names which is not running. nmbd is a daemon part of samba that does the broadcast and resolves netbios names. You could try to start it ("service nmb start" or your distro equivalent command) and run smbclient again.

Solution 3: If it still fails to resolve thoses names you can manually add the mapping (name->ip) in your lmhosts file, which is like /etc/hosts but specifically for SMB stuff. Default location of that file is /etc/samba/lmhosts, but you use "/usr/sbin/smbd -b|grep LMHOSTS" if it was changed. You will have to add a line for each DCx machines (the pcap file says there are 4):

10.x.y.z  DC1
10.x.y.z  DC2
...etc

Comment 12 mikhail.v.gavrilov 2017-01-31 17:08:06 UTC

# systemctl status nmb
● nmb.service - Samba NMB Daemon
   Loaded: loaded (/usr/lib/systemd/system/nmb.service; disabled; vendor preset: disabled)
   Active: active (running) since Tue 2017-01-31 22:00:20 +05; 4min 57s ago
 Main PID: 16937 (nmbd)
   Status: "nmbd: ready to serve connections..."
    Tasks: 1 (limit: 4915)
   CGroup: /system.slice/nmb.service
           └─16937 /usr/sbin/nmbd

Jan 31 22:00:43 localhost.localdomain nmbd[16937]:   
Jan 31 22:00:43 localhost.localdomain nmbd[16937]:   Samba name server LOCALHOST is now a local master browser for workgroup SAMBA on subnet 192.168.1.86
Jan 31 22:00:43 localhost.localdomain nmbd[16937]:   
Jan 31 22:00:43 localhost.localdomain nmbd[16937]:   *****
Jan 31 22:00:43 localhost.localdomain nmbd[16937]: [2017/01/31 22:00:43.886241,  0] ../source3/nmbd/nmbd_become_lmb.c:397(become_local_master_stage2)
Jan 31 22:00:43 localhost.localdomain nmbd[16937]:   *****
Jan 31 22:00:43 localhost.localdomain nmbd[16937]:   
Jan 31 22:00:43 localhost.localdomain nmbd[16937]:   Samba name server LOCALHOST is now a local master browser for workgroup SAMBA on subnet 192.168.122.1
Jan 31 22:00:43 localhost.localdomain nmbd[16937]:   
Jan 31 22:00:43 localhost.localdomain nmbd[16937]:   *****

Comment 13 mikhail.v.gavrilov 2017-01-31 17:09:17 UTC

Created attachment 12887 [details]
samba.log

Comment 14 mikhail.v.gavrilov 2017-01-31 17:11:59 UTC

Created attachment 12888 [details]
dump.pcap

Comment 15 mikhail.v.gavrilov 2017-01-31 17:12:27 UTC

nmbd service not helps

Comment 16 Aurélien Aptel 2017-02-01 13:43:31 UTC

Have you tried adding the name->ip mappings in the lmhosts file?

Comment 17 Aurélien Aptel 2017-02-01 14:04:46 UTC

in the last smbclient.log, we can see corp.tensor.ru can be resolved to 7 addresses. smbclient tries them all asynchroneously and I guess it keeps using the one that replies first, even if it ends up not working.

>namecache_store: storing 7 addresses for corp.tensor.ru#20: >10.76.101.131,10.76.163.189,10.76.4.252,10.76.4.253,10.76.4.20,10.76.163.190,10.76.101.124

The "bad network name" error means the host doesn't have a share named DFS by the way.

I think this bug is a duplicate of Bug#10289.

In meantime, the workaround would be to connect to the DFS host via one its working IP (working as in, the server actually has share named DFS), and use name->ip mapping for the servers that actually store the data.

Comment 18 mikhail.v.gavrilov 2017-02-07 19:37:42 UTC

Created attachment 12906 [details]
smbclient.log

Comment 19 mikhail.v.gavrilov 2017-02-07 19:38:09 UTC

Created attachment 12907 [details]
dump.pcap

Comment 20 mikhail.v.gavrilov 2017-02-07 19:39:43 UTC

I am add manually mapping ip to /etc/samba/lmhosts file
And now result is:

> Connecting to 10.76.4.20 at port 139
> Connecting to 10.76.4.20 at port 139
> Connection to 10.76.4.20 failed (Error NT_STATUS_RESOURCE_NAME_NOT_FOUND)
> NetBIOS over TCP disabled -- no workgroup available

Comment 21 Aurélien Aptel 2017-02-08 13:29:36 UTC

In this case it looks like it's working.

If you have the mapping done in lmhosts then you can use -L //corp.tensor.ru to list the shares.

Comment 22 mikhail.v.gavrilov 2017-02-08 17:35:52 UTC

> If you have the mapping done in lmhosts then you can use -L //corp.tensor.ru to list the shares.
It's still not working. see error: NT_STATUS_DUPLICATE_NAME

Comment 23 mikhail.v.gavrilov 2017-02-08 17:37:24 UTC

Created attachment 12908 [details]
smbclient.log