SMB2

Got and installed thanks.......

Unfortunately still no joy. Some more info in the log but not much

Aug 12 22:00:07 smbd[1470]: [2017/08/12 22:00:07.453515, 0] param/loadparm.c:8021(lp_do_parameter)
Aug 12 22:00:07 smbd[1470]: Ignoring unknown parameter "use recvfile"
Aug 12 22:00:07 Samba_Server: daemon is started

mystery :)
 
Something interesting.... With the new firmware it is working on a PC with Windows 8.1 Pro. Not working on two laptops with Windows 10 Pro. (where I did all testing with the post config...)

Yes Did remove
 
cafeole's short and sweet samba.config file... we did a bug fix for this a while back...

Code:
[global]
# comment the line TCP_NODELAY for some platforms - should be safe
# on gigabit ethernet, with an untuned kernel we're seeing about 115MB/Sec on large files
socket options = TCP_NODELAY
workgroup = WORKGROUP
netbios name = TESTBOX
security = user
hosts allow = 192.168.1.0/24
restrict anonymous = 2
# restrict SMB1
min protocol = SMB2

[share]
comment = Home File Server
path = /var/share
force user = fileserver901
force group = fileserver901
read only = no
browsable = yes
create mask = 0755

[media]
comment = Home Media Server
path = /var/media
force user = fileserver901
force group = fileserver901
read only = no
browsable = yes
create mask = 0755

with cafeole and the dev container enabled - one can run nmap and check... nmap is built into our developer docker file, and we keep it a bit more current than our production boxes...

sudo nmap -p445 --script vuln <target>

Building NMAP from the SVN tip, does the same thing - so one can scan externally using a VM or bare metal box...

Anyways, the Samba configuration file is fairly complex, and the interactions between items can expose things...

Bashing my QNAP machine...

Sounds like I need to talk to QNAP - current tip on their SW/FW 4.3.3.0262 (latest prod release)

Code:
$ sudo nmap -p445 --script vuln 192.168.1.50
[sudo] password for sfx:

Starting Nmap 7.60SVN ( https://nmap.org ) at 2017-08-12 15:03 PDT
Pre-scan script results:
| broadcast-avahi-dos:
|   Discovered hosts:
|     224.0.0.251
|   After NULL UDP avahi packet DoS (CVE-2011-1002).
|_  Hosts are all up (not vulnerable).
Nmap scan report for 192.168.1.50
Host is up (0.00045s latency).

PORT    STATE SERVICE
445/tcp open  microsoft-ds
MAC Address: 00:XX:YY:EF:DC:5E

Host script results:
|_smb-vuln-ms10-054: false
|_smb-vuln-ms10-061: false
| smb-vuln-regsvc-dos:
|   VULNERABLE:
|   Service regsvc in Microsoft Windows systems vulnerable to denial of service
|     State: VULNERABLE
|       The service regsvc in Microsoft Windows 2000 systems is vulnerable to denial of service caused by a null deference
|       pointer. This script will crash the service if it is vulnerable. This vulnerability was discovered by Ron Bowes
|       while working on smb-enum-sessions.
|_        

Nmap done: 1 IP address (1 host up) scanned in 43.94 seconds
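
One way to check an smb.conf for the settings this post turns on (minimum protocol, host restriction, guest shares). This is an added example, not sfx's or the firmware's code: `sample_conf`, `audit_smb_conf` and the deliberately weak sample file are constructed for illustration, and on a box with Samba's tools installed the input would normally come from `testparm -s`.

```shell
#!/bin/sh
# Constructed sample: a deliberately weak variant of the config in the post.
sample_conf() {
cat <<'EOF'
[global]
workgroup = WORKGROUP
security = user
min protocol = NT1

[share]
path = /var/share
read only = no

[public]
path = /var/public
guest ok = yes
read only = no
EOF
}

# Reads an smb.conf on stdin, prints one WARN line per finding (sorted).
audit_smb_conf() {
    awk '
    function trim(s) { sub(/^[ \t]+/, "", s); sub(/[ \t]+$/, "", s); return s }
    /^[ \t]*([#;]|$)/ { next }                  # comments and blank lines
    /^[ \t]*\[/ {                               # section header, e.g. [share]
        sec = tolower(trim($0)); sub(/^\[/, "", sec); sub(/\]$/, "", sec); next
    }
    (eq = index($0, "=")) {                     # key = value
        key = tolower(trim(substr($0, 1, eq - 1)))
        val = tolower(trim(substr($0, eq + 1)))
        if (sec == "global") g[key] = val
        else if ((key == "guest ok" || key == "public") && val ~ /^(yes|true|1)$/) guest[sec] = 1
        else if (key == "read only" && val ~ /^(no|false|0)$/) rw[sec] = 1
    }
    END {
        mp = ("server min protocol" in g) ? g["server min protocol"] : g["min protocol"]
        if (mp == "") print "WARN global: min protocol not set, build default applies"
        else if (mp !~ /^smb[23]/) print "WARN global: min protocol " mp " still permits SMB1"
        if (!("hosts allow" in g)) print "WARN global: no hosts allow restriction"
        if (g["map to guest"] ~ /^bad /) print "WARN global: map to guest = " g["map to guest"]
        for (s in guest) print "WARN " s ": guest access" ((s in rw) ? ", writable" : ", read only")
    }' | LC_ALL=C sort
}

sample_conf | audit_smb_conf
```

Fed the [global] section from the post (with `hosts allow` and `min protocol = SMB2`), the function prints nothing.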
 
What's the best way to try your config file?


Are the Windows 10 machines authenticating with user names and passwords?

Yes, both are authenticating with user names. The share has been set up with guest account and works on Windows 8. I also tried to map the share and log in as a different user (admin) on Windows 10, no joy
 
Modify the postconf file from before so that the only change that it makes is to increase the logging level from 0 to 2. Then try your Windows 10 machines again. You should then be able to see the authentication process in the log file.

Also confirm that the Windows 10 machines are part of the correct workgroup and not using the default name of WORKGROUP.
 
Tried to change the log level but I get this:

admin@Skynet:/jffs/scripts# #!/bin/sh
admin@Skynet:/jffs/scripts# CONFIG=$1
admin@Skynet:/jffs/scripts# source /usr/sbin/helper.sh
admin@Skynet:/jffs/scripts# pc_replace "log level = 0" "log level = 2" $CONFIG

sed: -i requires an argument
admin@Skynet:/jffs/scripts#

The Windows 10 has WORKGROUP as workgroup; I changed the router to WORKGROUP too. (The Windows 10 workgroup name seems greyed out, doesn't allow change)
 
You can't just type those lines into the command prompt! You have to put them into a /jffs/scripts/smb.postconf script and reboot the router.
 
that's what I did including rebooting but it was not changing the log level
that's why I tried from the command line to see if any errors....

admin@Skynet:/jffs/scripts# more smb.postconf
#!/bin/sh
CONFIG=$1
source /usr/sbin/helper.sh

pc_replace "log level = 0" "log level = 2" $CONFIG

exit
admin@Skynet:/jffs/scripts#

script run in the log

Aug 13 19:21:25 custom_script: Running /jffs/scripts/smb.postconf (args: /etc/smb.conf
 
What happens when you issue this command:

/jffs/scripts/smb.postconf /etc/smb.conf

sorry forgot to change 777 to the postconf script!!!

log level is 2 now and after trying to connect from windows 10 and getting network error I see this in the var samba log

2017/08/13 19:31:53.369896, 2] auth/auth.c:319(check_ntlm_password)
check_ntlm_password: Authentication for user [root] -> [root] FAILED with error NT code 0xc0000064
[2017/08/13 19:31:53.490283, 2] smbd/sesssetup.c:1291(setup_new_vc_session)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
[2017/08/13 19:31:53.490539, 2] auth/auth.c:319(check_ntlm_password)
check_ntlm_password: Authentication for user [root] -> [root] FAILED with error NT code 0xc0000064
 
not trying to map as root share is set to guest :)
My mistake, I thought you had changed to user mode. :oops: In which case the error is:

2017/08/13 19:31:53.490283, 2] smbd/sesssetup.c:1291(setup_new_vc_session)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.

which looks like you are part of a domain rather than a workgroup. Which might explain why it is greyed out for you. Go back and try and join a workgroup.
 
What's the best way to try your config file?

Try just the min protocol line...

We did a really simple Samba host to support a requirement, it's by no means very sophisticated... but reasonably secure - no guest access, smbuser/smbpasswd must exist to access the share...
 
FAILED with error NT code 0xc0000064

If I recall correctly - that error code suggests no such user for the account that was attempting to access the resource...

Part of the challenge here is that if one is using MSA (Microsoft Account) to login to Win10 - the network browser will assume you are attempting to access the resource with that account.

To get around this - you'll need to get into Windows, and configure a domain/workgroup account with the appropriate credentials - getting there is half the battle, and out of my scope - I'm not a Win10 power user by any means...

this link might help...

https://techjourney.net/cannot-conn...-network-shares-shared-folders-in-windows-10/
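
The authentication failures quoted in this thread can be pulled out of a level 2 Samba log and labelled by status name. This is an added example, not part of any post here: the function names are hypothetical, the sample log is constructed from the lines quoted above plus one invented entry, and the names in the table are the standard NTSTATUS definitions.

```shell
#!/bin/sh
# Constructed sample input, modelled on the log lines quoted in the thread.
sample_log() {
cat <<'EOF'
[2017/08/13 19:31:53.369896, 2] auth/auth.c:319(check_ntlm_password)
check_ntlm_password: Authentication for user [root] -> [root] FAILED with error NT code 0xc0000064
[2017/08/13 19:31:53.490283, 2] smbd/sesssetup.c:1291(setup_new_vc_session)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
[2017/08/13 19:31:53.490539, 2] auth/auth.c:319(check_ntlm_password)
check_ntlm_password: Authentication for user [root] -> [root] FAILED with error NT code 0xc0000064
[2017/08/13 19:32:10.101010, 2] auth/auth.c:319(check_ntlm_password)
check_ntlm_password: Authentication for user [Alice] -> [alice] FAILED with error NT code 0xC000006A
EOF
}

# Reads a Samba log on stdin and prints "count user status-name code"
# for each distinct (user, code) pair, sorted for stable output.
summarize_auth_failures() {
    awk '
    BEGIN {
        name["0xc0000064"] = "STATUS_NO_SUCH_USER"
        name["0xc000006a"] = "STATUS_WRONG_PASSWORD"
        name["0xc000006d"] = "STATUS_LOGON_FAILURE"
        name["0xc0000072"] = "STATUS_ACCOUNT_DISABLED"
    }
    /check_ntlm_password: Authentication for user .* FAILED/ {
        user = $0                       # keep the name shown after "->"
        sub(/^.*-> \[/, "", user)
        sub(/\].*$/, "", user)
        count[user SUBSEP tolower($NF)]++
    }
    END {
        for (k in count) {
            split(k, p, SUBSEP)
            label = (p[2] in name) ? name[p[2]] : "UNKNOWN"
            printf "%d %s %s %s\n", count[k], p[1], label, p[2]
        }
    }' | LC_ALL=C sort
}

sample_log | summarize_auth_failures
```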
 
Yes, it was a problem with the Windows 10 account. It was part of the domain and not the workgroup. I guess the SMB2 protocol is different from SMB1, as it was working fine with SMB1.

Latest alpha firmware seems to be working with smb2 and guest........
 