I am getting the following error when using Nautilis / Nemo on Gnome
desktop, ubuntu 22.04 and connection to just smb://filesvr
gvfsd[8049]: smbXcli_negprot_smb1_done: No compatible protocol
selected by server.
failed to retrieve share list from server: connection refused
the orginal domain was created years ago (on Windows server) and was
named <company>.local? This was kept during all migrations since.? The
ADDC is now running on ubuntu 22.04 samba 4.15.9
gnome is desired because we will //probably// start using adsys to add
ubuntu GPOs? (/*unless someone here yells at me for even thinking it*/)
What are my options?
1) use smb://filesvr/<sharname> to connect, requires that the share name
be known
*2) use mount.cifs - not super user friendly for windows users using
xRDP server.? currently I have done mount.cifs and I create directory
~/filesvr and place sym links to the shares.? This works great for a
small server with few shares, but is quickly un-scaleable
3) use kde - dolphin works, but their config files are harder to manage
using logon scripts / GPO, so not likely
4) lower min version to SMB1 - not likely to happen!
Others: Are there other options that I am missing?
Avahi:? I read the wiki about not naming .local? Just curious how will
conflicts with avahi show up?? I'm pretty sure avahi is not installed:
ADDC:
root at nc1:/etc/bind# apt search avahi | grep -i install
t3/jammy,now 0.8-5ubuntu5 amd64 [installed,automatic]
libavahi-common-data/jammy,now 0.8-5ubuntu5 amd64 [installed,automatic]
libavahi-common3/jammy,now 0.8-5ubuntu5 amd64 [installed,automatic]
File Server:
SDCP\peter at filesvr:~$ apt search avahi | grep -i install
ent3/jammy,now 0.8-5ubuntu5 amd64 [installed,automatic]
libavahi-common-data/jammy,now 0.8-5ubuntu5 amd64 [installed,automatic]
libavahi-common3/jammy,now 0.8-5ubuntu5 amd64 [installed,automatic]
Peter
PS: I can list the shares with smbclient
SDCP\peter at xrdp:~$ smbclient -L //filesvr
Password for [peter at SA*****NT.LOCAL]:
?? ?Sharename?????? Type????? Comment
?? ?---------?????? ----????? -------
?? ?Test??????????? Disk????? test
?? ?BinaryData????? Disk????? Store for DB and Middleware
?? ?Ca*****nt?? Disk????? Ca*****nt Common Files
?? ?Ca*****nt-Accounting Disk????? Ca*****nt Accounting Files
?? ?Ca*****nt-Secure Disk????? Ca*****nt Secure Files
?? ?Dwayne-Secure?? Disk????? Dwayne Secure Files
?? ?Faxes-In??????? Disk????? Fax Server Holding
?? ?Faxes-Out?????? Disk????? Fax Server Holding
?? ?Software??????? Disk????? Software Repository
?? ?FacilityPictures Disk????? Facility Pictures
?? ?IPC$??????????? IPC?????? IPC Service (filesvr server (Samba, Ubuntu))
SMB1 disabled -- no workgroup available
On 10/20/22 9:53 AM, Peter Carlson via samba wrote:> I am getting the following error when using Nautilis / Nemo on Gnome > desktop, ubuntu 22.04 and connection to just smb://filesvr > > ?? gvfsd[8049]: smbXcli_negprot_smb1_done: No compatible protocol > ?? selected by server. > ?? failed to retrieve share list from server: connection refused > >Looks like that gnome desktop client is only supporting smb1? You could work around this by mounting your share via mount.cifs instead (as long as your kernel is new enough, it should have SMB2+). -- David Mulder Labs Software Engineer, Samba SUSE 1221 S Valley Grove Way, Suite 500 Pleasant Grove, UT 84062 (P)+1 385.208.2989 dmulder at suse.com http://www.suse.com
On 10/20/22 9:53 AM, Peter Carlson via samba wrote:> > gnome is desired because we will //probably// start using adsys to add > ubuntu GPOs? (/*unless someone here yells at me for even thinking it*/) > > What are my options? > 1) use smb://filesvr/<sharname> to connect, requires that the share > name be known > *2) use mount.cifs - not super user friendly for windows users using > xRDP server.? currently I have done mount.cifs and I create directory > ~/filesvr and place sym links to the shares.? This works great for a > small server with few shares, but is quickly un-scaleable > 3) use kde - dolphin works, but their config files are harder to > manage using logon scripts / GPO, so not likely > 4) lower min version to SMB1 - not likely to happen! > Others: Are there other options that I am missing? >Would you be able to do this as machine specific shares? Or are you mounting user specific shares? I could throw together a simple Samba GPO for mounting machine shares. This would allow you to mount as root via winbind. I started working on this a while back, but never finished it. If you are willing to test something, I could throw something together. -- David Mulder Labs Software Engineer, Samba SUSE 1221 S Valley Grove Way, Suite 500 Pleasant Grove, UT 84062 (P)+1 385.208.2989 dmulder at suse.com http://www.suse.com
On 20/10/2022 16:53, Peter Carlson via samba wrote:> I am getting the following error when using Nautilis / Nemo on Gnome > desktop, ubuntu 22.04 and connection to just smb://filesvr > > ?? gvfsd[8049]: smbXcli_negprot_smb1_done: No compatible protocol > ?? selected by server. > ?? failed to retrieve share list from server: connection refused > > > the orginal domain was created years ago (on Windows server) and was > named <company>.local? This was kept during all migrations since.? The > ADDC is now running on ubuntu 22.04 samba 4.15.9 > > gnome is desired because we will //probably// start using adsys to add > ubuntu GPOs? (/*unless someone here yells at me for even thinking it*/)It is my understanding that you need sssd for adsys, so there is no point in running Samba as well.> > What are my options? > 1) use smb://filesvr/<sharname> to connect, requires that the share name > be knownYou could do that, but as you say, you have to know where the share is and its name first.> *2) use mount.cifs - not super user friendly for windows users using > xRDP server.? currently I have done mount.cifs and I create directory > ~/filesvr and place sym links to the shares.? This works great for a > small server with few shares, but is quickly un-scaleableWindows usually maps shares to letters e.g. 'E:', but again, you have to know where the share is, or you need to add attributes to a users object in AD.> 3) use kde - dolphin works, but their config files are harder to manage > using logon scripts / GPO, so not likelyKDE does seem to be aware that SMBv1 is going away, which is more than you can say for gnome.> 4) lower min version to SMB1 - not likely to happen!Before long (I hope) you will not have that option.> Others: Are there other options that I am missing?Samba has its own GPO tools, mostly written by David Mulder, perhaps you could have a look at them. Rowland> > Avahi:? I read the wiki about not naming .local? Just curious how will > conflicts with avahi show up?? I'm pretty sure avahi is not installed: > ADDC: > > ?? root at nc1:/etc/bind# apt search avahi | grep -i install > ?? t3/jammy,now 0.8-5ubuntu5 amd64 [installed,automatic] > ?? libavahi-common-data/jammy,now 0.8-5ubuntu5 amd64 [installed,automatic] > ?? libavahi-common3/jammy,now 0.8-5ubuntu5 amd64 [installed,automatic] > > > File Server: > > ?? SDCP\peter at filesvr:~$ apt search avahi | grep -i install > ?? ent3/jammy,now 0.8-5ubuntu5 amd64 [installed,automatic] > ?? libavahi-common-data/jammy,now 0.8-5ubuntu5 amd64 [installed,automatic] > ?? libavahi-common3/jammy,now 0.8-5ubuntu5 amd64 [installed,automatic] > >ER, what do you think 'libavahi' is ? If you use '.local', you will basically have two servers replying. I know that Microsoft used to recommend using '.local', but even they now say it is a bad idea.> > Peter > PS: I can list the shares with smbclient > SDCP\peter at xrdp:~$ smbclient -L //filesvr > Password for [peter at SA*****NT.LOCAL]: > > ?? ?Sharename?????? Type????? Comment > ?? ?---------?????? ----????? ------- > ?? ?Test??????????? Disk????? test > ?? ?BinaryData????? Disk????? Store for DB and Middleware > ?? ?Ca*****nt?? Disk????? Ca*****nt Common Files > ?? ?Ca*****nt-Accounting Disk????? Ca*****nt Accounting Files > ?? ?Ca*****nt-Secure Disk????? Ca*****nt Secure Files > ?? ?Dwayne-Secure?? Disk????? Dwayne Secure Files > ?? ?Faxes-In??????? Disk????? Fax Server Holding > ?? ?Faxes-Out?????? Disk????? Fax Server Holding > ?? ?Software??????? Disk????? Software Repository > ?? ?FacilityPictures Disk????? Facility Pictures > ?? ?IPC$??????????? IPC?????? IPC Service (filesvr server (Samba, Ubuntu)) > SMB1 disabled -- no workgroup availableWindows now uses Network Discovery instead of Network Browsing, there are a few servers available for Linux, do a search on 'wsdd' Rowland
Am 20.10.22 um 17:53 schrieb Peter Carlson via samba:> > What are my options? > 1) use smb://filesvr/<sharname> to connect, requires that the share name > be known > *2) use mount.cifs - not super user friendly for windows users using > xRDP server.? currently I have done mount.cifs and I create directory > ~/filesvr and place sym links to the shares.? This works great for a > small server with few shares, but is quickly un-scaleable > 3) use kde - dolphin works, but their config files are harder to manage > using logon scripts / GPO, so not likely > 4) lower min version to SMB1 - not likely to happen! > Others: Are there other options that I am missing?You could use autofs. As long as you are using Kerberos this should work. Regards Christian -- Dr. Christian Naumer Vice President Unit Head Bioprocess Development BRAIN Biotech AG Darmstaedter Str. 34-36 64673 Zwingenberg, Germany T: +49 6251 9331-30 F: +49 6251 9331-11 cn at brain-biotech.com www.brain-biotech.com Sitz der Gesellschaft: Zwingenberg | Bergstrasse Registergericht AG Darmstadt | HRB 24758 Vorstand: Adriaan Moelker (Vorstandsvorsitzender) | Michael Schneiders Aufsichtsratsvorsitzender: Dr. Georg Kellinghusen