samba - Apr 2016 - Workstation Limited to NT1 Protocol

*testparm -v | grep "client min protocol"*
client min protocol = CORE

On Tue, Apr 19, 2016 at 2:50 PM, lingpanda101 at gmail.com <
lingpanda101 at gmail.com> wrote:
> On 4/19/2016 2:43 PM, Bill Baird wrote:
>
> I am accessing the new member server. All my other servers are still on
> 3.6.x.
>
> Both settings are set to "default".
>
> Will look at logs now.
>
> Thanks!
>
>
>
> On Tue, Apr 19, 2016 at 2:39 PM, <lingpanda101 at gmail.com>
> lingpanda101 at gmail.com <lingpanda101 at gmail.com> wrote:
>
>> On 4/19/2016 2:08 PM, Bill Baird wrote:
>>
>>> Hi All,
>>>
>>> I just setup a new server and added it to my domain last week and
it has
>>> been working well. We are running a NT4-style Samba PDC for our
domain
>>> controller. This server is running the CentOS packages for Samba
4.2.10-6
>>> as a domain member. My issue is that I have one Windows 7
workstation
>>> that
>>> will only auto-negotiate to the NT1 protocol. If I run smbstatus,
all of
>>> my
>>> other workstations use SMB2_10, as expected.
>>>
>>> Has anyone seen this before? Is there a log file I can look at to
>>> determine
>>> what is going wrong in the protocol negotiation?
>>>
>>> Thanks!
>>>
>>> --Bill
>>>
>> You can enable client specific logging and see if it turns up anything.
>>
>> https://wiki.samba.org/index.php/Client_specific_logging
>>
>> Access a share and review the logs.
>>
>> Is this Windows 7 workstation accessing the new member server and
>> displaying NT1 or the old one?
>>
>> Can you run on both member servers and report?
>>
>> testparm -v |grep "client ipc max protocol" and testparm -v
|grep "client
>> ipc min protocol"
>>
>> --
>> -James
>>
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>>
>
>
>
> --
> *Bill Baird*
> Chief Technology Officer
> Office: 845-876-8228 x311 <845-876-8228%20x311>
> Mobile: 203-545-0437
> www.phoenixmi.com
>
> The man page for smb.conf reads for "client ipc min protocol"
>
> The value default refers to the higher value of NT1 and the
>            effective value of client min protocol.
>
> What does testparm -v | grep "client min protocol" give?
>
> --
> -James
>
>

-- 
*Bill Baird*
Chief Technology Officer
Office: 845-876-8228 x311
Mobile: 203-545-0437
www.phoenixmi.com

On 4/19/2016 2:51 PM, Bill Baird wrote:
> /testparm -v | grep "client min protocol"/
> client min protocol = CORE
>
> On Tue, Apr 19, 2016 at 2:50 PM, lingpanda101 at gmail.com 
> <mailto:lingpanda101 at gmail.com> <lingpanda101 at gmail.com 
> <mailto:lingpanda101 at gmail.com>> wrote:
>
>     On 4/19/2016 2:43 PM, Bill Baird wrote:
>>     I am accessing the new member server. All my other servers are
>>     still on 3.6.x.
>>
>>     Both settings are set to "default".
>>
>>     Will look at logs now.
>>
>>     Thanks!
>>
>>
>>
>>     On Tue, Apr 19, 2016 at 2:39 PM, lingpanda101 at gmail.com
>>     <mailto:lingpanda101 at gmail.com> <lingpanda101 at
gmail.com
>>     <mailto:lingpanda101 at gmail.com>> wrote:
>>
>>         On 4/19/2016 2:08 PM, Bill Baird wrote:
>>
>>             Hi All,
>>
>>             I just setup a new server and added it to my domain last
>>             week and it has
>>             been working well. We are running a NT4-style Samba PDC
>>             for our domain
>>             controller. This server is running the CentOS packages
>>             for Samba 4.2.10-6
>>             as a domain member. My issue is that I have one Windows 7
>>             workstation that
>>             will only auto-negotiate to the NT1 protocol. If I run
>>             smbstatus, all of my
>>             other workstations use SMB2_10, as expected.
>>
>>             Has anyone seen this before? Is there a log file I can
>>             look at to determine
>>             what is going wrong in the protocol negotiation?
>>
>>             Thanks!
>>
>>             --Bill
>>
>>         You can enable client specific logging and see if it turns up
>>         anything.
>>
>>         https://wiki.samba.org/index.php/Client_specific_logging
>>
>>         Access a share and review the logs.
>>
>>         Is this Windows 7 workstation accessing the new member server
>>         and displaying NT1 or the old one?
>>
>>         Can you run on both member servers and report?
>>
>>         testparm -v |grep "client ipc max protocol" and
testparm -v
>>         |grep "client ipc min protocol"
>>
>>         -- 
>>         -James
>>
>>
>>         -- 
>>         To unsubscribe from this list go to the following URL and
>>         read the
>>         instructions: https://lists.samba.org/mailman/options/samba
>>
>>
>>
>>
>>     -- 
>>     *Bill Baird*
>>     Chief Technology Officer
>>     Office: 845-876-8228 x311 <tel:845-876-8228%20x311>
>>     Mobile: 203-545-0437 <tel:203-545-0437>
>>     www.phoenixmi.com <http://www.phoenixmi.com/>
>>
>     The man page for smb.conf reads for "client ipc min protocol"
>
>     The value default refers to the higher value of NT1 and the
>                effective value of client min protocol.
>
>     What does testparm -v | grep "client min protocol" give?
>
>     -- 
>     -James
>
>
>
>
> -- 
> *Bill Baird*
> Chief Technology Officer
> Office: 845-876-8228 x311
> Mobile: 203-545-0437
> www.phoenixmi.com <http://www.phoenixmi.com/>
>
What does testparm -v | grep "client max protocol" give? it should be 
'default' which is SMB3_11. You can always force SMB2_10

-- 
-James

That does indeed show "default".

For logs, I tested with my system and a system that gets SMB2.  Any tips
for what I might be looking for?

Early on in the logs, I see this for the NT1 system (no mentions of smb2
anywhere)

[2016/04/19 14:48:37.738460,  3, pid=21479, effective(0, 0), real(0, 0)]
../source3/smbd/negprot.c:395(reply_nt1)
  using SPNEGO
[2016/04/19 14:48:37.738476,  3, pid=21479, effective(0, 0), real(0, 0)]
../source3/smbd/negprot.c:684(reply_negprot)
  Selected protocol NT LM 0.12
[2016/04/19 14:48:37.738488,  5, pid=21479, effective(0, 0), real(0, 0)]
../source3/smbd/negprot.c:691(reply_negprot)
  negprot index=5

For the system that gets SMB2, I see:

[2016/04/19 15:04:46.352217, 10, pid=21600, effective(0, 0), real(0, 0)]
../source3/smbd/smb2_server.c:3068(smbd_smb2_first_negprot)
  smbd_smb2_first_negprot: packet length 102
[2016/04/19 15:04:46.352249, 10, pid=21600, effective(0, 0), real(0, 0)]
../source3/smbd/smb2_server.c:646(smb2_validate_sequence_number)
  smb2_validate_sequence_number: clearing id 0 (position 0) from bitmap
[2016/04/19 15:04:46.352269, 10, pid=21600, effective(0, 0), real(0, 0)]
../source3/smbd/smb2_server.c:1954(smbd_smb2_request_dispatch)
  smbd_smb2_request_dispatch: opcode[SMB2_OP_NEGPROT] mid = 0
[2016/04/19 15:04:46.352285,  4, pid=21600, effective(0, 0), real(0, 0)]
../source3/smbd/sec_ctx.c:316(set_sec_ctx)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2016/04/19 15:04:46.352302,  5, pid=21600, effective(0, 0), real(0, 0)]
../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2016/04/19 15:04:46.352318,  5, pid=21600, effective(0, 0), real(0, 0)]
../source3/auth/token_util.c:639(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2016/04/19 15:04:46.352343,  5, pid=21600, effective(0, 0), real(0, 0)]
../source3/smbd/uid.c:425(smbd_change_to_root_user)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2016/04/19 15:04:46.352381, 10, pid=21600, effective(0, 0), real(0, 0)]
../source3/lib/util.c:1291(set_remote_arch)
  set_remote_arch: Client arch is 'Vista'
[2016/04/19 15:04:46.352420,  6, pid=21600, effective(0, 0), real(0, 0)]
../source3/param/loadparm.c:2151(lp_file_list_changed)
  lp_file_list_changed()
  file /etc/samba/smb.conf.client-%I ->
/etc/samba/smb.conf.client-10.88.5.102  last mod_time: Tue Apr 19 14:44:42
2016

  file /etc/samba/smb.conf -> /etc/samba/smb.conf  last mod_time: Tue Apr
19 14:45:15 2016

[2016/04/19 15:04:46.352463,  3, pid=21600, effective(0, 0), real(0, 0)]
../source3/smbd/smb2_negprot.c:213(smbd_smb2_request_process_negprot)
  Selected protocol SMB2_FF




On Tue, Apr 19, 2016 at 3:01 PM, lingpanda101 at gmail.com <
lingpanda101 at gmail.com> wrote:
> On 4/19/2016 2:51 PM, Bill Baird wrote:
>
> *testparm -v | grep "client min protocol"*
> client min protocol = CORE
>
> On Tue, Apr 19, 2016 at 2:50 PM, <lingpanda101 at gmail.com>
> lingpanda101 at gmail.com <lingpanda101 at gmail.com> wrote:
>
>> On 4/19/2016 2:43 PM, Bill Baird wrote:
>>
>> I am accessing the new member server. All my other servers are still on
>> 3.6.x.
>>
>> Both settings are set to "default".
>>
>> Will look at logs now.
>>
>> Thanks!
>>
>>
>>
>> On Tue, Apr 19, 2016 at 2:39 PM, lingpanda101 at gmail.com <
>> lingpanda101 at gmail.com> wrote:
>>
>>> On 4/19/2016 2:08 PM, Bill Baird wrote:
>>>
>>>> Hi All,
>>>>
>>>> I just setup a new server and added it to my domain last week
and it has
>>>> been working well. We are running a NT4-style Samba PDC for our
domain
>>>> controller. This server is running the CentOS packages for
Samba
>>>> 4.2.10-6
>>>> as a domain member. My issue is that I have one Windows 7
workstation
>>>> that
>>>> will only auto-negotiate to the NT1 protocol. If I run
smbstatus, all
>>>> of my
>>>> other workstations use SMB2_10, as expected.
>>>>
>>>> Has anyone seen this before? Is there a log file I can look at
to
>>>> determine
>>>> what is going wrong in the protocol negotiation?
>>>>
>>>> Thanks!
>>>>
>>>> --Bill
>>>>
>>> You can enable client specific logging and see if it turns up
anything.
>>>
>>> https://wiki.samba.org/index.php/Client_specific_logging
>>>
>>> Access a share and review the logs.
>>>
>>> Is this Windows 7 workstation accessing the new member server and
>>> displaying NT1 or the old one?
>>>
>>> Can you run on both member servers and report?
>>>
>>> testparm -v |grep "client ipc max protocol" and testparm
-v |grep
>>> "client ipc min protocol"
>>>
>>> --
>>> -James
>>>
>>>
>>> --
>>> To unsubscribe from this list go to the following URL and read the
>>> instructions: 
<https://lists.samba.org/mailman/options/samba>
>>> https://lists.samba.org/mailman/options/samba
>>>
>>
>>
>>
>> --
>> *Bill Baird*
>> Chief Technology Officer
>> Office: 845-876-8228 x311
>> Mobile: 203-545-0437
>> www.phoenixmi.com
>>
>> The man page for smb.conf reads for "client ipc min protocol"
>>
>> The value default refers to the higher value of NT1 and the
>>            effective value of client min protocol.
>>
>> What does testparm -v | grep "client min protocol" give?
>>
>> --
>> -James
>>
>>
>
>
> --
> *Bill Baird*
> Chief Technology Officer
> Office: 845-876-8228 x311
> Mobile: 203-545-0437
> www.phoenixmi.com
>
> What does testparm -v | grep "client max protocol" give? it
should be
> 'default' which is SMB3_11. You can always force SMB2_10
>
> --
> -James
>
>

-- 
*Bill Baird*
Chief Technology Officer
Office: 845-876-8228 x311
Mobile: 203-545-0437
www.phoenixmi.com