Selim, One of my teammates has started looking at this issue. SMB signing/sealing will be fixed soon.
Natalie Selim Daoud wrote: >natalie, >disabling packet signing on AD side did the trick, thanks >what will be the nevada release to incorporate a fix for packet signing? > >thanks for your help > >s- > >On Dec 15, 2007 6:12 AM, Natalie Li <[EMAIL PROTECTED]> wrote: > > >>Please disable packet signing on your domain controller and try again. >>This is a known issue. >> >>Natalie >> >> >>Selim Daoud wrote: >> >> >> >>>btw..I'm on b79 >>> >>> >>>On Dec 15, 2007 3:31 AM, Selim Daoud <[EMAIL PROTECTED]> wrote: >>> >>> >>> >>> >>>>Hi all, >>>>can someone give me a hint to solve this problem. thanks a lot >>>>(working in workgroup mode is fine though) >>>> >>>>When trying to join the domain, I obtain following: >>>> >>>>[EMAIL PROTECTED] smbadm join -u sam kuada >>>>Enter domain password: >>>>Joining 'kuada' ... this may take a minute ... >>>>failed to join domain 'kuada' (LOGON_FAILURE) >>>>[EMAIL PROTECTED] dmesg | tail >>>> >>>>Dec 15 02:53:25 blade smbd[2074]: [ID 995127 daemon.error] dyndns: UDP >>>>send error (Bad file number) >>>>Dec 15 02:53:25 blade smbd[2074]: [ID 342079 daemon.error] smb_ads: >>>>send/receive error >>>>Dec 15 02:53:27 blade smbd[2074]: [ID 350819 daemon.error] >>>>SmbrdrExchange[115]: bad signature >>>>Dec 15 02:53:27 blade smbd[2074]: [ID 286894 daemon.error] >>>>SmbrdrSessionSetup: INVALID_NETWORK_RESPONSE >>>>Dec 15 02:53:27 blade smbd[2074]: [ID 871254 daemon.error] smbd: >>>>failed joining kuada (LOGON_FAILURE) >>>> >>>> >>>> >>>>from the AD server (Security Event Viewer) , I can see user "sam" >>> >>> >>>>connecting fine: >>>>(here are 3 event viewer event I get) >>>>******************************************************* >>>>Event Type: Success Audit >>>>Event Source: Security >>>>Event Category: Logon/Logoff >>>>Event ID: 540 >>>>Date: 15/12/2007 >>>>Time: 02:53:27 >>>>User: KUADA\sam >>>>Computer: EXLUDUS >>>>Description: >>>>Successful Network Logon: >>>> User Name: sam >>>> Domain: KUADA >>>> Logon ID: (0x0,0x979813) >>>> Logon Type: 3 >>>> Logon Process: NtLmSsp >>>> Authentication Package: NTLM >>>> Workstation Name: \\192.168.2.150 >>>> Logon GUID: - >>>> Caller User Name: - >>>> Caller Domain: - >>>> Caller Logon ID: - >>>> Caller Process ID: - >>>> Transited Services: - >>>> Source Network Address: 192.168.2.150 >>>> Source Port: 0 >>>>----------------------------------------------- >>>>Event Type: Success Audit >>>>Event Source: Security >>>>Event Category: Logon/Logoff >>>>Event ID: 576 >>>>Date: 15/12/2007 >>>>Time: 02:53:27 >>>>User: KUADA\sam >>>>Computer: EXLUDUS >>>>Description: >>>>Special privileges assigned to new logon: >>>> User Name: sam >>>> Domain: KUADA >>>> Logon ID: (0x0,0x979813) >>>> Privileges: SeSecurityPrivilege >>>> SeBackupPrivilege >>>> SeRestorePrivilege >>>> SeTakeOwnershipPrivilege >>>> SeDebugPrivilege >>>> SeSystemEnvironmentPrivilege >>>> SeLoadDriverPrivilege >>>> SeImpersonatePrivilege >>>> SeEnableDelegationPrivilege >>>>----------------------------------------------- >>>>Event Type: Success Audit >>>>Event Source: Security >>>>Event Category: Account Logon >>>>Event ID: 680 >>>>Date: 15/12/2007 >>>>Time: 02:53:27 >>>>User: KUADA\sam >>>>Computer: EXLUDUS >>>>Description: >>>>Logon attempt by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0 >>>>Logon account: SAM >>>>Source Workstation: \\192.168.2.150 >>>>Error Code: 0x0 >>>>******************************************************* >>>> >>>>Here are some more info on my configuration: >>>>[EMAIL PROTECTED] sharectl get smb >>>>system_comment= >>>>max_workers=64 >>>>netbios_scope= >>>>rdr_ipcmode=auth >>>>lmauth_level=4 >>>>keep_alive=5400 >>>>wins_server_1= >>>>wins_server_2= >>>>wins_exclude= >>>>signing_enabled=false >>>>signing_required=false >>>>restrict_anonymous=false >>>>pdc= >>>>ads_enable=true >>>>ads_user=QWRtaW5pc3RyYXRvcg== >>>>ads_user_container= >>>>ads_domain=kuada.dyndns.org >>>>ads_passwd=Q2Ezc2Fy >>>>ads_ip_lookup=false >>>>ads_site= >>>>ddns_enable=true >>>>ddns_retry_sec=2 >>>>ddns_retry_cnt=3 >>>>autohome_map=/etc >>>> >>>> >>>>here's the same session with a snoop >>>>********************************************** >>>>[EMAIL PROTECTED] svcadm disable smb/server; svcadm enable -r smb/server >>>>svcadm: svc:/milestone/network depends on svc:/network/physical, which >>>>has multiple instances. >>>>[EMAIL PROTECTED] >>>>[EMAIL PROTECTED] snoop not port 22 & >>>>[2] 2134 >>>>[EMAIL PROTECTED] Using device qfe3 (promiscuous mode) >>>> >>>>[EMAIL PROTECTED] smbadm join -u sam kuada >>>>Enter domain password: >>>>Joining 'kuada' ... this may take a minute ... >>>> blade -> exludus.kuada.dyndns.org DNS C Internet Unknown (33) ? >>>>exludus.kuada.dyndns.org -> blade DNS R >>>> blade -> exludus.kuada.dyndns.org DNS C >>>>_ldap._tcp.dc._msdcs.kuada.dyndns.org. Internet Unknown (33) ? >>>>exludus.kuada.dyndns.org -> blade DNS R >>>>_ldap._tcp.dc._msdcs.kuada.dyndns.org. Internet Unknown (33) >>>> blade -> 192.168.2.255 NBT NS Release Request for BLADE[0], Success >>>> blade -> 192.168.2.255 NBT NS Release Request for WORKGROUP[0], >>>> Success >>>> blade -> 192.168.2.255 NBT NS Release Request for BLADE[20], Success >>>> blade -> 192.168.2.255 NBT NS Registration Request for BLADE[0], >>>> Success >>>> blade -> 192.168.2.255 NBT NS Registration Request for BLADE[20], >>>> Success >>>> blade -> exludus.kuada.dyndns.org DNS C >>>>255.2.168.192.in-addr.arpa. Internet PTR ? >>>>exludus.kuada.dyndns.org -> blade DNS R Error: 3(Name Error) >>>> blade -> exludus.kuada.dyndns.org DNS C >>>>255.2.168.192.in-addr.arpa. Internet PTR ? >>>>exludus.kuada.dyndns.org -> blade DNS R Error: 3(Name Error) >>>> blade -> 192.168.2.255 NBT NS Query Request for WORKGROUP[0], Success >>>>failed to join domain 'kuada' (LOGON_FAILURE) >>>>[EMAIL PROTECTED] blade -> exludus.kuada.dyndns.org SMB C port=44420 >>>>exludus.kuada.dyndns.org -> blade SMB R port=44420 >>>> blade -> exludus.kuada.dyndns.org SMB C port=44420 >>>> blade -> exludus.kuada.dyndns.org SMB C Code=0x72 >>>>Name=SMBnegprot LastDialect=NT LM 0.12 Error=0 >>>>exludus.kuada.dyndns.org -> blade SMB R Code=0x72 >>>>Name=SMBnegprot Dialect#=0 Error=0 >>>> blade -> exludus.kuada.dyndns.org SMB C port=44420 >>>> blade -> exludus.kuada.dyndns.org SMB C Code=0x73 >>>>Name=SMBsesssetupX Username=SAM Error=0 >>>>exludus.kuada.dyndns.org -> blade SMB R Code=0x73 >>>>Name=SMBsesssetupX Error=0 >>>> blade -> exludus.kuada.dyndns.org SMB C port=44420 >>>> blade -> 192.168.2.255 NBT NS Query Request for WORKGROUP[0], Success >>>> blade -> 192.168.2.255 NBT NS Registration Request for >>>>WORKGROUP[0], Success >>>> blade -> 192.168.2.255 NBT NS Query Request for WORKGROUP[1d], Success >>>> blade -> 192.168.2.255 NBT NS Query Request for WORKGROUP[1d], Success >>>> blade -> 192.168.2.255 NBT NS Query Request for WORKGROUP[1b], Success >>>> blade -> 192.168.2.255 NBT NS Query Request for WORKGROUP[1b], Success >>>> >>>>[EMAIL PROTECTED] dmesg | tail >>>>Dec 15 03:02:57 blade smbd[2127]: [ID 995127 daemon.error] dyndns: UDP >>>>send error (Bad file number) >>>>Dec 15 03:02:57 blade smbd[2127]: [ID 342079 daemon.error] smb_ads: >>>>send/receive error >>>>Dec 15 03:03:00 blade smbd[2127]: [ID 350819 daemon.error] >>>>SmbrdrExchange[115]: bad signature >>>>Dec 15 03:03:00 blade smbd[2127]: [ID 286894 daemon.error] >>>>SmbrdrSessionSetup: INVALID_NETWORK_RESPONSE >>>>Dec 15 03:03:00 blade smbd[2127]: [ID 871254 daemon.error] smbd: >>>>failed joining kuada (LOGON_FAILURE) >>>> >>>> >>>> >>>> >>>> >>> >>> >>> >>> >>> >> >> > > > > > _______________________________________________ storage-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/storage-discuss
