Seem to be netbios related, after some modifications it now works if server
is accessed through ip address instead of name.
I?m a bit lost now to why normal shares work with \\name\share but not dfs
shares, \\FQDN\share also fails.
\\name\share
0.000000 10.1.20.201 -> 10.1.9.34 SMB Session Setup AndX Request
0.000024 10.1.9.34 -> 10.1.20.201 TCP microsoft-ds > sunlps-http
[ACK]
Seq=1 Ack=1351 Win=11680 Len=0
0.020134 10.1.9.34 -> 10.1.20.201 SMB Session Setup AndX Response,
Error: STATUS_LOGON_FAILURE
0.023257 10.1.20.201 -> 10.1.9.34 SMB Session Setup AndX Request
0.032060 10.1.9.34 -> 10.1.20.201 SMB Session Setup AndX Response,
Error: STATUS_LOGON_FAILURE
0.216549 10.1.20.201 -> 10.1.9.34 SMB Trans2 Request, QUERY_PATH_INFO,
Query File Basic Info, Path: \it-service
0.217890 10.1.9.34 -> 10.1.20.201 SMB Trans2 Response, QUERY_PATH_INFO
0.218327 10.1.20.201 -> 10.1.9.34 SMB Trans2 Request, FIND_FIRST2,
Pattern: \it-service\*
0.219023 10.1.9.34 -> 10.1.20.201 SMB Trans2 Response, FIND_FIRST2,
Error: STATUS_OBJECT_NAME_NOT_FOUND
0.240259 10.1.20.201 -> 10.1.9.34 SMB Session Setup AndX Request
0.256493 10.1.9.34 -> 10.1.20.201 SMB Session Setup AndX Response,
Error: STATUS_LOGON_FAILURE
0.261364 10.1.20.201 -> 10.1.9.34 SMB Trans2 Request, QUERY_PATH_INFO,
Query File Basic Info, Path: \it-service
0.262605 10.1.9.34 -> 10.1.20.201 SMB Trans2 Response, QUERY_PATH_INFO
0.262962 10.1.20.201 -> 10.1.9.34 SMB NT Create AndX Request, Path:
\it-service
0.263670 10.1.9.34 -> 10.1.20.201 SMB NT Create AndX Response, FID:
0x0000, Error: STATUS_OBJECT_NAME_NOT_FOUND
0.264969 10.1.20.201 -> 10.1.9.34 SMB Session Setup AndX Request
0.268266 10.1.20.201 -> 10.1.9.34 SMB NT Cancel Request
0.268293 10.1.9.34 -> 10.1.20.201 TCP microsoft-ds > sunlps-http
[ACK]
Seq=404 Ack=5869 Win=20250 Len=0
0.276794 10.1.9.34 -> 10.1.20.201 SMB Session Setup AndX Response,
Error: STATUS_LOGON_FAILURE
0.277419 10.1.9.34 -> 10.1.20.201 SMB NT Trans Response,
<unknown>,
Error: STATUS_CANCELLED
0.277587 10.1.20.201 -> 10.1.9.34 TCP sunlps-http > microsoft-ds
[ACK]
Seq=5869 Ack=518 Win=63473 Len=0
0.278332 10.1.20.201 -> 10.1.9.34 SMB Close Request, FID: 0x1bb7
0.279072 10.1.9.34 -> 10.1.20.201 SMB Close Response
0.462238 10.1.20.201 -> 10.1.9.34 TCP sunlps-http > microsoft-ds
[ACK]
Seq=5914 Ack=557 Win=63434 Len=0
If accessed by ip address\share
0.000000 10.1.20.201 -> 10.1.9.34 SMB Trans2 Request, QUERY_PATH_INFO,
Query File Basic Info, Path: \10.1.9.34\drift
0.001200 10.1.9.34 -> 10.1.20.201 SMB Trans2 Response, QUERY_PATH_INFO
0.001843 10.1.20.201 -> 10.1.9.34 SMB Trans2 Request, QUERY_FS_INFO,
Query FS Size Info
0.002971 10.1.9.34 -> 10.1.20.201 SMB Trans2 Response, QUERY_FS_INFO
0.003553 10.1.20.201 -> 10.1.9.34 SMB Trans2 Request, QUERY_PATH_INFO,
Query File Basic Info, Path: \10.1.9.34\drift\it-service
0.004300 10.1.9.34 -> 10.1.20.201 SMB Trans2 Response,
QUERY_PATH_INFO, Error: STATUS_PATH_NOT_COVERED
0.005632 10.1.20.201 -> 10.1.9.34 SMB Trans2 Request,
GET_DFS_REFERRAL, File: \10.1.9.34\drift\it-service\
0.010468 10.1.9.34 -> 10.1.20.201 SMB Trans2 Response,
GET_DFS_REFERRAL
0.183732 10.1.20.201 -> 10.1.9.34 TCP scp > microsoft-ds [ACK]
Seq=453
Ack=484 Win=63597 Len=0
3.136382 10.1.20.201 -> 10.1.9.34 SMB NT Cancel Request
3.137094 10.1.9.34 -> 10.1.20.201 SMB NT Trans Response,
<unknown>,
Error: STATUS_CANCELLED
3.137466 10.1.20.201 -> 10.1.9.34 SMB Close Request, FID: 0x1bf3
3.138298 10.1.9.34 -> 10.1.20.201 SMB Close Response
3.356468 10.1.20.201 -> 10.1.9.34 TCP scp > microsoft-ds [ACK]
Seq=538
Ack=598 Win=63483 Len=0
On Wed, Aug 27, 2008 at 9:27 AM, Henrik Beckman
<henrik.list@gmail.com>wrote:
> Hi,
>
> We have been a samba shop since way back and have used DFS quit a lot the
> last years.
> When we went with security ads instead of domain our dfs died.
> We have tried 3.028(sun) in solaris wich we are leaving and 3.2.1 in linux,
> our migration target.
>
> For our 3.2.1 installation the config looks liket this and the problem
> manifests itself as a empty share.
>
> [Global]
> kernel oplocks = False
> oplocks = False
> level2 oplocks = False
> realm = SGU.SE
> workgroup = SGU
> netbios name = fs4
> server string = fs4
> security = ADS
> use kerberos keytab = true
> password server = ad1 ad2
> wins server = 10.1.9.10 10.1.9.9
> name resolve order = ads hosts wins bcast
>
> map to guest = Bad User
> disable netbios = No
> log level = 5
> client use spnego = Yes
> server signing = auto
> host msdfs = Yes
> #msdfs root = Yes
> ntlm auth = No
> lanman auth = no
>
> dos charset = ISO8859-1
> unix charset = ISO8859-1
>
> winbind trusted domains only = yes
>
> [drift-a]
> msdfs root = Yes
> path = /export/dfsroot
> read only = no
> guest ok = yes
>
> ls -l in /export/dfsroot
> drift-a -> msdfs:filer2\drift-a
>
> Domain servers are 2008 for, domainlevel is still 2003.
> We have all our users both in Unix LDAP and AD so we map username to
> username, no idmap ranges.
>
>
> HELP!
>
> /Henrik
>
>
>
>
>
>
>
>