Till Dörges
2011-Aug-22 16:10 UTC
[Samba] mount.cifs with "sec=ntlmv2" fails ("mount error(22): Invalid argument")
Hello, everyone, I'm trying to mount a CIFS share served by Samba using mount.cifs with NTLMv2 authentication. According to 'man mount.cifs' the option "sec=ntlmv2" should be supported, but it keeps giving me "mount error(22): Invalid argument". The Samba server enforces the use of NTLMv2. When allowing for NTLMv1 on both sides everything works just fine. The client runs kernel 2.6.37.6-0.7-desktop (fully patched openSUSE-11.4) with the CIFS kernel module version 1.68. mount.cifs identifies as "version: 4.6". Mounting on the client side it looks like this: --- snip --- # mount.cifs //abctest.box/abclaufwerk /mnt/mnt/ --verbose -o domain=ABCTEST,user=abc,pass=secrect,sec=ntlmv2 mount.cifs kernel mount options: ip=10.9.0.103,unc=\\abctest.box\abclaufwerk,sec=ntlmv2,ver=1,user=abc,domain=ABCTEST,pass=******** mount error(22): Invalid argument Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) --- snap --- CIFS debugging on the client is enabled: --- snip --- # cat /proc/fs/cifs/cifsFYI 1 --- snap --- Which yields the following lines in syslog (for the full log see attachment) --- snip --- Aug 22 17:47:34 client kernel: [28966.056081] /usr/src/packages/BUILD/kernel-desktop-2.6.37.6/linux-2.6.37/fs/cifs/connect.c: Security Mode: 0x3 Capabilities: 0x80f3fd TimeAdjust: -7200 Aug 22 17:47:34 client kernel: [28966.056088] /usr/src/packages/BUILD/kernel-desktop-2.6.37.6/linux-2.6.37/fs/cifs/sess.c: sess setup type 2 --- snap --- "sess setup type 2" seems to indicate that NTLMv2 is used. The server is running a fully patched openSUSE 11.3 with kernel 2.6.34.8-0.2-default and Samba 3.5.4. Both "lanman auth" and "ntlm auth" are disabled, which should force the use of NTLMv2 according to 'man smb.conf': --- snip --- server # testparm 2> /dev/null | egrep 'ntlm|lan' ntlm auth = No server # --- snap --- The server's corresponding log entries are also attached. Like said above, when I allow for the use of NTLMv1 on both sides (ntlm auth = Yes on the server and no sec=ntlmv2 on the client) everything works just fine. When I enforce NTLMv2 on the server and don't specify "sec=ntlmv2" with mount.cifs I get "mount error(13): Permission denied" and syslog on the client shows that NTLMv1 is tried ("sess setup type 1"). So is there anything wrong with my setup? Should NTLMv2 be working between Samba and mount.cifs? If it should, why isn't it in this particular setup? Any hints will be greatly appreciated. TIA -- Till -- Dipl.-Inform. Till D?rges doerges at pre-sense.de Tel. +49 - 40 - 244 2407 - 14 Fax +49 - 40 - 244 2407 - 24 PRESENSE Technologies GmbH Sachsenstr. 5, D-20097 HH USt-IdNr.: DE263765024 Gesch?ftsf?hrer/Managing Directors AG Hamburg, HRB 107844 Till D?rges J?rgen Sander Axel Theilmann
Possibly Parallel Threads
- Always Be Conferencing v16e - pure AEL-based dial plan solution
- plotting variable sections of hourly time series data using plot.zoo
- Failed to mount CIFS from windows7 with sec=ntlmv2 on Linux
- Failed to mount CIFS from Windows 7 with sec=ntlmv2 on Linux
- Failed to mount CIFS from Windows Vista/7 with sec=ntlmv2 on Linux