Koozali.org: home of the SME Server
Contribs.org Forums => Koozali SME Server 10.x => Topic started by: kittykat on November 26, 2020, 02:29:52 PM
-
Hi Guys
What could be possible reasons for not being able to connect to a share/i-bay ?
I checked permissions etc.
Thanks
Kittty
-
What OS is having the issue... MS windows? what version.
Added: this is sme10 forum, are you using A5
-
What OS is having the issue... MS windows? what version.
Added: this is sme10 forum, are you using A5
Win 10
Currently testing V10 of Sme server.
-
On Windows 10 - have you set smb version, default is smb1 disabled
https://docs.microsoft.com/en-us/windows-server/storage/file-server/troubleshoot/detect-enable-and-disable-smbv1-v2-v3
If you wish to leave W10 as is look at the wsdd contrib
Currently in smedev awaiting move to contribs - http://mirror.canada.pialasse.com/releases/testing/10/smedev/x86_64/RPMS/smeserver-wsdd-0.2-1.el7.sme.noarch.rpm
There are a number of discussions on the forum re windows 10 issues
-
On Windows 10 - have you set smb version, default is smb1 disabled
https://docs.microsoft.com/en-us/windows-server/storage/file-server/troubleshoot/detect-enable-and-disable-smbv1-v2-v3
If you wish to leave W10 as is look at the wsdd contrib
Currently in smedev awaiting move to contribs - http://mirror.canada.pialasse.com/releases/testing/10/smedev/x86_64/RPMS/smeserver-wsdd-0.2-1.el7.sme.noarch.rpm
There are a number of discussions on the forum re windows 10 issues
Thanks, what version should it be?
-
Suggest yoiu familarize yourself with some background first - https://forums.contribs.org/index.php/topic,53587.0.html
Either restore W10s smb1 settings as decsribed in the MS doc HERE (https://docs.microsoft.com/en-us/windows-server/storage/file-server/troubleshoot/detect-enable-and-disable-smbv1-v2-v3) or leave it with smb1 disabled and use the wonderful work of ReetP
WSDD contrib - https://forums.contribs.org/index.php/topic,54268.msg284028.html#msg284028
-
We need a wiki page, and update the unit file for the new target.
-
Suggest yoiu familarize yourself with some background first - https://forums.contribs.org/index.php/topic,53587.0.html
Either restore W10s smb1 settings as decsribed in the MS doc HERE (https://docs.microsoft.com/en-us/windows-server/storage/file-server/troubleshoot/detect-enable-and-disable-smbv1-v2-v3) or leave it with smb1 disabled and use the wonderful work of ReetP
WSDD contrib - https://forums.contribs.org/index.php/topic,54268.msg284028.html#msg284028
I managed to get it working with the fix below.
config setprop smb ServerMaxProtocol NT1
expand-template /etc/smb.conf
service smb restart
Can I makes changes the smb.conf or will any changes made via the gui over-ride it ?
I don't want my shares browsable. I will map them instead.
-
ok I see this.
# !!DO NOT MODIFY THIS FILE!!
#
# Manual changes will be lost when this file is regenerated.
How does one then include custom smb.conf setting ?
-
ok I see this.
How does one then include custom smb.conf setting ?
Read the manual in the Wiki? A lot of time was spent writing it, and there is a wealth of other information there too. Please make use of it and you can then answer this sort of question yourself.
In short, if you set a configuration item manually (and not via the server-manager which only has a subset of configuration items) and run the correct service e-g. console-save or post-upgrade/reboot then the system will re-generate the template for you.
You do not need to do this:
config setprop smb ServerMaxProtocol NT1
expand-template /etc/smb.conf
service smb restart
You should do this or similar:
config setprop smb ServerMaxProtocol NT1
signal-event console-save
If you REALLY need something not allowed by a configuration item ie some new setting (and you need to look in the templates to see what is there, and what is not) then you can create custom template overrides. Read the wiki for more. There are pages on extra settings if required and lots of other good stuff.
Note - Windows will likely outlaw SMB1 before very long - they will pull support entirely and you will have no choice but to use SMB3. It is just a matter of time.
I don't want my shares browsable. I will map them instead.
In that case you seem to have missed the core point that you do NOT need to set it back to NT1 - all that does is allow use of SMB1 on Windows and re-enables NetBIOS browsing.
If you do NOT want browsing then use SMB3 and map the shares. If you use SMB3 and want browsing use wsdd.
What could be possible reasons for not being able to connect to a share/i-bay ?
And that was your original question.
You should have been able to connect because you would be using SMB3. You just could not browse shares. That is a different thing entirely. Just use SMB3 for your own security, and map the drives.
-
You should have been able to connect because you would be using SMB3. You just could not browse shares. That is a different thing entirely. Just use SMB3 for your own security, and map the drives.
With smb1 on V10 I can map my shares, without it, I am not able to do it, even if we forget the browsing issue.
-
With smb1 on V10 I can map my shares, without it, I am not able to do it, even if we forget the browsing issue.
In that case you may have another issue.
They should map with SMB3.
What errors have you got? You must have some in Windows, and probably SME too.
-
In that case you may have another issue.
They should map with SMB3.
What errors have you got? You must have some in Windows, and probably SME too.
I got this to work by setting SMB v2 on Sme server and also having smb v1 and v2 enabled on the client side. I read here https://www.tgrmn.com/web/kb/item130.htm (https://www.tgrmn.com/web/kb/item130.htm) the highest version between the two will be used - when I do a Get-SmbConnection, I see that v2 is used, so I am not really sure why smb v1 needs to be enabled as well.
-
Assuming you ARE using Koozali SME server v10 then you should be able to connect with SMB v3
Show us:
cat /etc/redhat-release
This is a connection from my linux desktop to a test v10 server - note that thsi server is running the upstream Samba 4.10.16 but you should get the same with the version you have installed which is probably 4.6.x
[root@smev10a5v1 ~]# smbstatus
Samba version 4.10.16
PID Username Group Machine Protocol Version Encryption Signing
----------------------------------------------------------------------------------------------------------------------------------------
20613 admin admin 192.168.10.147 (ipv4:192.168.10.147:54854) SMB3_11 - partial(AES-128-CMAC)
Service pid Machine Connected at Encryption Signing
---------------------------------------------------------------------------------------------
admin 20613 192.168.10.147 Fri Nov 27 17:33:49 2020 CET - -
There should be no reason you cannot connect.
So show us what you get on your server with smbstatus
-
e-smith-samba update that is waiting for further testing and release facilitates mapping of shares etc, leave win10 smb1 disabled, update sme10 and map network drives as much as you want.
Want to browse as well, install the wsdd contrib.
No need to fiddle about changing conf files or windows default settings
-
So show us what you get on your server with smbstatus
Samba version 4.6.2
PID Username Group Machine Protocol Version Encryption Signing
----------------------------------------------------------------------------------------------------------------------------------------
2410 XXXXXX XXXXXX 192.168.8.109 (ipv4:192.168.8.109:49697) SMB2_10 - partial(HMAC-SHA256)
Service pid Machine Connected at Encryption Signing
---------------------------------------------------------------------------------------------
customer 2410 192.168.8.109 Sun Nov 29 15:17:26 2020 SAST - -
Locked files:
Pid Uid DenyMode Access R/W Oplock SharePath Name Time
--------------------------------------------------------------------------------------------------
2410 5000 DENY_NONE 0x100081 RDONLY NONE /home/e-smith/files/ibays/customer/files . Sun Nov 29 15:17:26 2020
2410 5000 DENY_NONE 0x100081 RDONLY NONE /home/e-smith/files/ibays/customer/files . Sun Nov 29 15:17:43 2020
2410 5000 DENY_NONE 0x80 RDONLY NONE /home/e-smith/files/ibays/customer/files . Sun Nov 29 15:18:27 2020
-
No idea why you can't connect with SMB3 - we have not had any one else with the issue as far as I am aware.
Note also that things are moving fast. There is an update to Samba so we are now using the upstream version 4.10.16
yum --enablerepo=smeupdates-testing update
or
yum --enablerepo=smeupdates-testing install e-smith-samba
That should install the new versions, but note you might still errors with some things - ntpd is not working correctly right now:
rpm -qa |grep samba
samba-client-libs-4.10.16-7.el7_9.x86_64
samba-common-4.10.16-7.el7_9.noarch
samba-winbind-modules-4.10.16-7.el7_9.x86_64
samba-client-4.10.16-7.el7_9.x86_64
e-smith-samba-2.6.0-12.el7.sme.noarch
samba-common-tools-4.10.16-7.el7_9.x86_64
samba-common-libs-4.10.16-7.el7_9.x86_64
samba-dc-libs-4.10.16-7.el7_9.x86_64
samba-python-4.10.16-7.el7_9.x86_64
samba-libs-4.10.16-7.el7_9.x86_64
samba-winbind-4.10.16-7.el7_9.x86_64
samba-dc-4.10.16-7.el7_9.x86_64
samba-4.10.16-7.el7_9.x86_64
Check these templates for the max/min settings and so you can see how it works.
/etc/e-smith/templates/etc/smb.conf/11maxProtocol
/etc/e-smith/templates/etc/smb.conf/11minProtocol
Unless you override, SME will use SMB3.
-
Also, please read the bugs as things are changing by the minute right now.
Search for samba or smb. Check on closed ones as well.
https://bugs.contribs.org (https://bugs.contribs.org)