a few days ago we migrated our shares to a DFS cluster, also we disabled SMBv1 protocol. Now we are no longer able to connect to the shares with our linux workstations. The setup looks like this:
linux workstation -----> AD server (Windows Server 2008 R2) -----> file server (Windows Server 2016, running in 2008 R2 compat mode)
I have searched the web for a solution on the last few days. Mostly it came down to this:
Take care that smbclient, cifs-utils and keyutils is installed. Also have these lines in /etc/request-key.conf:
create cifs.spnego * * /usr/sbin/cifs.upcall %k create dns_resolver * * /usr/sbin/cifs.upcall %k
My setup satisfies these requirements. I have tried the
connection with these commands (I replaced our domain with
mount -v -t cifs //office.example.com/technik /mnt/dfs -o
If I do so I can see this in tcpdump:
100.392000390 192.168.23.107 -> 192.168.15.6 SMB2 172
Negotiate Protocol Request
My client directly tries to connect to the share on 192.168.15.6, but this is the AD server that should forward to 192.168.15.17 which is the file server.
I also traced the connection attempt with wireshark. In the request sent from my workstation I found this message in the flags:
"This host does NOT support DFS."
We re-enabled SMBv1 for testing purposes. With SMBv1 the connection to the DFS works with the command above but vers=1.0.
I can not figure out why DFS does not work when vers=2.0 or vers=2.1 will be used. We tested some different distros (Linux Mint 18.1, Debian 8, Debian 9, Gentoo) with different kernel versions.
Please ask me for further information, if I missed something.
Any help is welcome!
Regards, Christian Garling
On 08/06/17 16:35, Christian Garling wrote:
In reply to this post by Christian Garling
On Jun 8, 2017 11:01, "Christian Garling" <[hidden email]> wrote:
|Free forum by Nabble||Edit this page|