Samba share with Windows issues
by LinuxUser2 from LinuxQuestions.org on (#6JZ6G)
I keep having repeating issues with a RHEL 8.7 server and Windows clients that are trying to access the RHEL samba server file system shares. This is working on other servers with RHEL 7.2 but on a new 8.7 server this was working but has now stopped working again with new errors I am struggling to interpret and diagnose the root cause.
Most of the directory shares are configured for guest access so there should be no need to login with any credentials to view most of the folders. It acts like it allows the connection and then try's to authenticate the user and fails to authenticate the user but there should be no need for this as it should be publicly accessible with guest access allowing unknown users to read the files.
In this case it seems to be some type of authentication issue with the Windows clients and RHEL 8.7 samba file system shares involving NTLMv2? Any help would be appreciated.
##################################################################################
Auth: [SMB2,(null)] user [domain]\[user] at [Wed, 28 Feb 2024 09:39:03.212857 EST] with [NTLMv2] status [NT_STATUS_LOGON_FAILURE] workstation [DSK00000] remote host [ipv4:111.11.111.112:51596] mapped to [domain]\[user]. local host [ipv4:111.11.111.38:445]
{"timestamp": "2024-02-28T09:39:03.212903-0500", "type": "Authentication", "Authentication": {"version": {"major": 1, "minor": 2}, "eventId": 4625, "logonId": "0", "logonType": 3, "status": "NT_STATUS_LOGON_FAILURE", "localAddress": "ipv4:111.11.111.38:445", "remoteAddress": "ipv4:111.11.111.112:51596", "serviceDescription": "SMB2", "authDescription": null, "clientDomain": "domain", "clientAccount": "user", "workstation": "DSK00000", "becameAccount": null, "becameDomain": null, "becameSid": null, "mappedAccount": "user", "mappedDomain": "domain", "netlogonComputer": null, "netlogonTrustAccount": null, "netlogonNegotiateFlags": "0x00000000", "netlogonSecureChannelType": 0, "netlogonTrustAccountSid": null, "passwordType": "NTLMv2", "duration": 196975}}
[2024/02/28 09:39:03.212940, 3] ../../auth/gensec/spnego.c:1445(gensec_spnego_server_negTokenTarg_step)
gensec_spnego_server_negTokenTarg_step: SPNEGO(ntlmssp) login failed: NT_STATUS_LOGON_FAILURE
[2024/02/28 09:39:03.212961, 3] ../../source3/smbd/smb2_server.c:3956(smbd_smb2_request_error_ex)
smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_LOGON_FAILURE] || at ../../source3/smbd/smb2_sesssetup.c:147
Auth: [SMB2,(null)] user [domain]\[user] at [Wed, 28 Feb 2024 09:39:03.212857 EST] with [NTLMv2] status [NT_STATUS_LOGON_FAILURE] workstation [DSK00000] remote host [ipv4:111.11.111.112:51596] mapped to [domain]\[user]. local host [ipv4:111.11.111.38:445]
{"timestamp": "2024-02-28T09:39:03.212903-0500", "type": "Authentication", "Authentication": {"version": {"major": 1, "minor": 2}, "eventId": 4625, "logonId": "0", "logonType": 3, "status": "NT_STATUS_LOGON_FAILURE", "localAddress": "ipv4:111.11.111.38:445", "remoteAddress": "ipv4:111.11.111.112:51596", "serviceDescription": "SMB2", "authDescription": null, "clientDomain": "domain", "clientAccount": "user", "workstation": "DSK00000", "becameAccount": null, "becameDomain": null, "becameSid": null, "mappedAccount": "user", "mappedDomain": "domain", "netlogonComputer": null, "netlogonTrustAccount": null, "netlogonNegotiateFlags": "0x00000000", "netlogonSecureChannelType": 0, "netlogonTrustAccountSid": null, "passwordType": "NTLMv2", "duration": 196975}}
[2024/02/28 09:39:03.212940, 3] ../../auth/gensec/spnego.c:1445(gensec_spnego_server_negTokenTarg_step)
gensec_spnego_server_negTokenTarg_step: SPNEGO(ntlmssp) login failed: NT_STATUS_LOGON_FAILURE
[2024/02/28 09:39:03.212961, 3] ../../source3/smbd/smb2_server.c:3956(smbd_smb2_request_error_ex)
smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_LOGON_FAILURE] || at ../../source3/smbd/smb2_sesssetup.c:147
Most of the directory shares are configured for guest access so there should be no need to login with any credentials to view most of the folders. It acts like it allows the connection and then try's to authenticate the user and fails to authenticate the user but there should be no need for this as it should be publicly accessible with guest access allowing unknown users to read the files.
In this case it seems to be some type of authentication issue with the Windows clients and RHEL 8.7 samba file system shares involving NTLMv2? Any help would be appreciated.
##################################################################################
Auth: [SMB2,(null)] user [domain]\[user] at [Wed, 28 Feb 2024 09:39:03.212857 EST] with [NTLMv2] status [NT_STATUS_LOGON_FAILURE] workstation [DSK00000] remote host [ipv4:111.11.111.112:51596] mapped to [domain]\[user]. local host [ipv4:111.11.111.38:445]
{"timestamp": "2024-02-28T09:39:03.212903-0500", "type": "Authentication", "Authentication": {"version": {"major": 1, "minor": 2}, "eventId": 4625, "logonId": "0", "logonType": 3, "status": "NT_STATUS_LOGON_FAILURE", "localAddress": "ipv4:111.11.111.38:445", "remoteAddress": "ipv4:111.11.111.112:51596", "serviceDescription": "SMB2", "authDescription": null, "clientDomain": "domain", "clientAccount": "user", "workstation": "DSK00000", "becameAccount": null, "becameDomain": null, "becameSid": null, "mappedAccount": "user", "mappedDomain": "domain", "netlogonComputer": null, "netlogonTrustAccount": null, "netlogonNegotiateFlags": "0x00000000", "netlogonSecureChannelType": 0, "netlogonTrustAccountSid": null, "passwordType": "NTLMv2", "duration": 196975}}
[2024/02/28 09:39:03.212940, 3] ../../auth/gensec/spnego.c:1445(gensec_spnego_server_negTokenTarg_step)
gensec_spnego_server_negTokenTarg_step: SPNEGO(ntlmssp) login failed: NT_STATUS_LOGON_FAILURE
[2024/02/28 09:39:03.212961, 3] ../../source3/smbd/smb2_server.c:3956(smbd_smb2_request_error_ex)
smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_LOGON_FAILURE] || at ../../source3/smbd/smb2_sesssetup.c:147
Auth: [SMB2,(null)] user [domain]\[user] at [Wed, 28 Feb 2024 09:39:03.212857 EST] with [NTLMv2] status [NT_STATUS_LOGON_FAILURE] workstation [DSK00000] remote host [ipv4:111.11.111.112:51596] mapped to [domain]\[user]. local host [ipv4:111.11.111.38:445]
{"timestamp": "2024-02-28T09:39:03.212903-0500", "type": "Authentication", "Authentication": {"version": {"major": 1, "minor": 2}, "eventId": 4625, "logonId": "0", "logonType": 3, "status": "NT_STATUS_LOGON_FAILURE", "localAddress": "ipv4:111.11.111.38:445", "remoteAddress": "ipv4:111.11.111.112:51596", "serviceDescription": "SMB2", "authDescription": null, "clientDomain": "domain", "clientAccount": "user", "workstation": "DSK00000", "becameAccount": null, "becameDomain": null, "becameSid": null, "mappedAccount": "user", "mappedDomain": "domain", "netlogonComputer": null, "netlogonTrustAccount": null, "netlogonNegotiateFlags": "0x00000000", "netlogonSecureChannelType": 0, "netlogonTrustAccountSid": null, "passwordType": "NTLMv2", "duration": 196975}}
[2024/02/28 09:39:03.212940, 3] ../../auth/gensec/spnego.c:1445(gensec_spnego_server_negTokenTarg_step)
gensec_spnego_server_negTokenTarg_step: SPNEGO(ntlmssp) login failed: NT_STATUS_LOGON_FAILURE
[2024/02/28 09:39:03.212961, 3] ../../source3/smbd/smb2_server.c:3956(smbd_smb2_request_error_ex)
smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_LOGON_FAILURE] || at ../../source3/smbd/smb2_sesssetup.c:147