##### BACKGROUND ##### When using mount.cifs, I get a permission denied error 13. On the windows 2003 server, I can see a successful logon and logoff as my user coming from the linux machine running samba. I am running mount.cifs (and mount -t cifs) as root, although I've also run it as a local linux user directly and via sudo. I must be doing something wrong. Windows server (ad domain controller) local security policy is set to Send NT and NTLM, Using NTLMv2 if negotiated. HELP!!!!!!!!!!!! Thanks, Mike Tosh ##### CAN VIEW, BUT NOT MAP, VIA SMB ##### # smbclient -V Version 3.0.28-0.1.95-1624-SUSE-SLES9 # smbclient -L //server/share -A.cifs_creds WARNING: The "printer admin" option is deprecated Domain=[DOMAIN] OS=[Windows Server 2003 3790 Service Pack 2] Server=[Windows Server 2003 5.2] Sharename Type Comment --------- ---- ------- share Disk Share for everyone # smbmount //server/share /mnt/share/ -o credentials=.cifs_creds WARNING: The "printer admin" option is deprecated cli_negprot: SMB signing is mandatory and we have disabled it. 7959: protocol negotiation failed SMB connection failed ##### ERROR 13 (PERMISSION DENIED) USING CIFS: ###### # mount -t cifs //server/share /mnt/share -o credentials=.cifs_creds mount error 13 = Permission denied Refer to the mount.cifs(8) manual page (e.g.man mount.cifs) # mount.cifs //server/share /mnt/share -o credentials=.cifs_creds mount error 13 = Permission denied Refer to the mount.cifs(8) manual page (e.g.man mount.cifs) #cat .cifs_creds username=remoteuser password=remotepass domain=DOMAIN # mount -v -t cifs //server/share /mnt/share -o credentials=.cifs_creds parsing options: rw,credentials=.cifs_creds Domain W2K3ADDOMAIN mount.cifs kernel mount options unc=//server\share,ip=10.x.x.x,user=remoteuser,domain=DOMAIN,pass= remotepass,ver=1,rw,credentials=/root/.cifs_creds mount error 13 = Permission denied Refer to the mount.cifs(8) manual page (e.g.man mount.cifs) linuxserver:/var/log # grep CIFS messages warn warn:Mar 26 12:03:08 proto2 kernel: CIFS VFS: cifs_mount failed w/return code = -13 warn:Mar 26 12:03:39 proto2 kernel: CIFS VFS: cifs_mount failed w/return code = -13 ##### LOGS ON SERVER (and it's a DOMAIN CONTROLLER) ##### Successful Network Logon: User Name: remoteuser Domain: DOMAIN Logon ID: (0x0,0x20544132) Logon Type: 3 Logon Process: NtLmSsp Authentication Package: NTLM Workstation Name: \\10.x.x.x (IP of linux box) Source Network Address: 10.x.x.x (IP of linux box) ##### Then immediately after I see: ##### User Logoff: User Name: remoteuser Domain: W2K3ADDOMAIN Logon ID: (0x0,0x20544132) Logon Type: 3
I am all of a sudden receiving similar errors attempting to mount a w2k3 share with CIFS. This was working fine for several months. But I believe the server admin has enabled additional restrictions recently. Mounting with smbfs has never worked due to the same error you show. Smbclient continues to work fine, however. # mount -tcifs '//123.45.6.7/Share' /mnt/drive -o username=ben,password=foobar # dmesg|tail CIFS VFS: Unexpected SMB signature Status code returned 0xc0000070 NT_STATUS_INVALID_WORKSTATION CIFS VFS: Send error in SessSetup = -13 CIFS VFS: cifs_mount failed w/return code = -13 -Ben (In reply to comment #0) > ##### BACKGROUND ##### > > When using mount.cifs, I get a permission denied error 13. On the windows 2003 > server, I can see a successful logon and logoff as my user coming from the > linux machine running samba. I am running mount.cifs (and mount -t cifs) as > root, although I've also run it as a local linux user directly and via sudo. I > must be doing something wrong. > > Windows server (ad domain controller) local security policy is set to Send NT > and NTLM, Using NTLMv2 if negotiated. > > > HELP!!!!!!!!!!!! > Thanks, > Mike Tosh > > > ##### CAN VIEW, BUT NOT MAP, VIA SMB ##### > > # smbclient -V > Version 3.0.28-0.1.95-1624-SUSE-SLES9 > > # smbclient -L //server/share -A.cifs_creds > WARNING: The "printer admin" option is deprecated > Domain=[DOMAIN] OS=[Windows Server 2003 3790 Service Pack 2] > Server=[Windows Server 2003 5.2] > > Sharename Type Comment > --------- ---- ------- > share Disk Share for everyone > > # smbmount //server/share /mnt/share/ -o credentials=.cifs_creds > WARNING: The "printer admin" option is deprecated > cli_negprot: SMB signing is mandatory and we have disabled it. > 7959: protocol negotiation failed > SMB connection failed > > > ##### ERROR 13 (PERMISSION DENIED) USING CIFS: ###### > > # mount -t cifs //server/share /mnt/share -o credentials=.cifs_creds > mount error 13 = Permission denied > Refer to the mount.cifs(8) manual page (e.g.man mount.cifs) > > # mount.cifs //server/share /mnt/share -o credentials=.cifs_creds > mount error 13 = Permission denied > Refer to the mount.cifs(8) manual page (e.g.man mount.cifs) > > #cat .cifs_creds > username=remoteuser > password=remotepass > domain=DOMAIN > > # mount -v -t cifs //server/share /mnt/share -o credentials=.cifs_creds > parsing options: rw,credentials=.cifs_creds > > Domain W2K3ADDOMAIN > > > mount.cifs kernel mount options > unc=//server\share,ip=10.x.x.x,user=remoteuser,domain=DOMAIN,pass= > remotepass,ver=1,rw,credentials=/root/.cifs_creds > mount error 13 = Permission denied > Refer to the mount.cifs(8) manual page (e.g.man mount.cifs) > > linuxserver:/var/log # grep CIFS messages warn > warn:Mar 26 12:03:08 proto2 kernel: CIFS VFS: cifs_mount failed > w/return code = -13 > warn:Mar 26 12:03:39 proto2 kernel: CIFS VFS: cifs_mount failed > w/return code = -13 > > > ##### LOGS ON SERVER (and it's a DOMAIN CONTROLLER) ##### > Successful Network Logon: > User Name: remoteuser > Domain: DOMAIN > Logon ID: (0x0,0x20544132) > Logon Type: 3 > Logon Process: NtLmSsp > Authentication Package: NTLM > Workstation Name: \\10.x.x.x (IP of linux box) > Source Network Address: 10.x.x.x (IP of linux box) > > ##### Then immediately after I see: ##### > User Logoff: > User Name: remoteuser > Domain: W2K3ADDOMAIN > Logon ID: (0x0,0x20544132) > Logon Type: 3 >
I tried to mount a samba partition on a NAS with CIFS but I'd the same problem. I resolved it in this way: I replaced kernel from 2.6.18-92.1.22 (modinfo cifs.ko: 1.50) to 2.6.18-53 (modinfo cifs.ko: 1.48aRH) and using sec=krb5, now it works!!!
I think this is something specific to your setup because I mount shares from a Windows 2003 server all the time. Are you able to run smbclient like this and list the contents (dir command in smbclient shell) smbclient //server_name/share_name -U user_name You can also turn on cifs debugging by doing dmesg -c echo 7 > /proc/fs/cifs/cifsFYI do the mount send the output of the dmesg command You can also capture either a tcpdump or wireshark trace during mount and send that.
The second error looks straightforward: "Status code returned 0xc0000070 NT_STATUS_INVALID_WORKSTATION" Would mean that the administrator of your server restricted which workstations are allowed to access this server (note that the workstation name can be overridden on the client in some cases (e.g. you might try to use "port=139" and specify the client's netbiosname "netbiosname=the-right-client-name") You may have to enable signing (e.g. specifying mount option sec=ntlmv2i or sec=krb5i) based on your unrelated smbclient message indicating signing is required.