Quantcast
Channel: File Services and Storage Forum
Viewing all articles
Browse latest Browse all 1766

Cannot access Windows share from Linux

$
0
0

Let's have this situation:
- Windows server named SERVER_WINDOWS (Windows Server 2008 R2 with latest patches),
- Linux client named CLIENT_LINUX (VMware Data Recovery = CentOS 5.5 x64),
- SERVER_WINDOWS is member of CONTOSO domain, 
- CLIENT_LINUX is not member of CONTOSO domain or any other,
- both server and client are in same subnet and without firewall and antivirus program,
- both server and client are reachable
- SERVER_WINDOWS has shared folder named SHARED_FOLDER, share R/W permissions granted to Everyone, NTFS R/W permissions granted to domain user John@CONTOSO.tld
- I can access SHARED_FOLDER from any computer in CONTOSO domain with John@CONTOSO.tld credentials
       
Problem:
- cannot access SHARED_FOLDER from CLIENT_LINUX using command "mount -t cifs //SERVER_WINDOWS/SHARED_FOLDER /mnt/cifs -o username=John@CONTOSO.tld"
- mount command exits with permission denied error

Steps taken (without any success):
- tried using Linux mount command with different syntax of username (username=CONTOSO\John, username=contoso.tld\John, username=John,domain=CONTOSO, username=John,domain=contoso.tld)
- granted NTFS R/W permissions for Everyone
- setup audit object access (when I access SHARED_FOLDER from my computer I can see "Audit Successfull", but when I try to access SHARED_FOLDER from CLIENT_LINUX I can see nothing - no audit logs produced!) - see below for more details
- adjusted some local security policies - see below for more details


Debugging:
- output of Network Monitor:

CLIENT_LINUX -> SERVER_WINDOWS SMB SMB:C; Negotiate, Dialect = LM1.2X002, LANMAN2.1, NT LM 0.12, POSIX 2 {SMBOverTCP:2, TCP:1, IPv4:22}
SERVER_WINDOWS -> CLIENT_LINUX SMB SMB:R; Negotiate, Dialect is NT LM 0.12 (#2) {SMBOverTCP:2, TCP:1, IPv4:22}
CLIENT_LINUX -> SERVER_WINDOWS TCP TCP:Flags=...A...., SrcPort=41583, DstPort=Microsoft-DS(445)
CLIENT_LINUX -> SERVER_WINDOWS SMB SMB:C; Session Setup Andx, Account = John@CONTOSO.tld {SMBOverTCP:2, TCP:1, IPv4:22}
SERVER_WINDOWS -> CLIENT_LINUX SMB SMB:R; Session Setup Andx - NT Status: System - Error, Code = (109) STATUS_LOGON_FAILURE {SMBOverTCP:2, TCP:1, IPv4:22}


  Frame: Number = 1694, Captured Frame Length = 105, MediaType = ETHERNET
+ Ethernet: Etype = Internet IP (IPv4),DestinationAddress:[00-50-56-89-00-01],SourceAddress:[44-1E-A1-45-0D-E8]
+ Ipv4: Src = SERVER_WINDOWS, Dest = CLIENT_LINUX, Next Protocol = TCP, Packet ID = 29936, Total IP Length = 91
+ Tcp: Flags=...AP..., SrcPort=Microsoft-DS(445), DstPort=41583, PayloadLen=39, Seq=3715109303 - 3715109342, Ack=2100360946, Win=259 (scale factor 0x8) = 66304
+ SMBOverTCP: Length = 35
- Smb: R; Session Setup Andx - NT Status: System - Error, Code = (109) STATUS_LOGON_FAILURE
    Protocol: SMB
    Command: Session Setup Andx 115(0x73)
  + NTStatus: 0xC000006D, Facility = FACILITY_SYSTEM, Severity = STATUS_SEVERITY_ERROR, Code = (109) STATUS_LOGON_FAILURE
  - SMBHeader: Response, TID: 0x0000, PID: 0x0EC7, UID: 0x0000, MID: 0x0002
   + Flags: 128 (0x80)
   + Flags2: 49153 (0xC001)
     PIDHigh: 0 (0x0)
     SecuritySignature: 0x0
     Unused: 0 (0x0)
     TreeID: 0 (0x0)
     ProcessID: 3783 (0xEC7)
     UserID: 0 (0x0)
     MultiplexID: 2 (0x2)
  - ErrorMessage: 0x1
     WordCount: 0 (0x0)
     ByteCount: 0 (0x0)
    
- rare failure audit (unfortunately I am not able to reproduce it)

The computer attempted to validate the credentials for an account.

Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Logon Account: Guest
Source Workstation: SERVER_WINDOWS
Error Code: 0xc0000072

- audit policies:

- adjusted local security policies:

DISABLED: Do not allow anonymous enumeration of SAM accounts

DISABLED: Do not allow anonymous enumeration of SAM accounts and shares

DISABLED: Restrict anonymous access to Named Pipes and Shares

ENABLED: Allow anonymous SID/name translation

ENABLED: Send unencrypted password to connect to third-party SMB servers 




Viewing all articles
Browse latest Browse all 1766

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>