Big news! The community will be moving to a new platform April 21. Read more.
Big news! The community will be moving to a new platform April 21. Read more.
Absent Member.
Absent Member.
1537 views

CIFS doesn't work

Hi,

for my primary server (A) OES 2 Sp1(SLES10SP1) I try configure CIFS. I study doc on novell ,googling etc. but only anonymous acces work for me. When I try to auth from client workstation many erros appear. I try reinstal services witch new proxy user, set up password policy, add shares. For user add universal password and policy. But still errors :

cifs.log :

CRITICAL: AUTH: Credentials do not match - User : xxx.xx.xx.xxxx.xxx
WARNING: CODIR: Failed to authenticate User : xxx
CRITICAL: AUTH: Bad password. tempSES->nwLoginError is 222

proxy user has trustee :

CN
nfapCIFSAttach
nfapCIFSComment
nfapCIFSServerName
nfapCIFSShares

Can you help me ?
Labels (2)
0 Likes
6 Replies
Knowledge Partner Knowledge Partner
Knowledge Partner

vogl;2221031 wrote:
Hi,

for my primary server (A) OES 2 Sp1(SLES10SP1) I try configure CIFS. I study doc on novell ,googling etc. but only anonymous acces work for me. When I try to auth from client workstation many erros appear. I try reinstal services witch new proxy user, set up password policy, add shares. For user add universal password and policy. But still errors :

cifs.log :

CRITICAL: AUTH: Credentials do not match - User : xxx.xx.xx.xxxx.xxx
WARNING: CODIR: Failed to authenticate User : xxx
CRITICAL: AUTH: Bad password. tempSES->nwLoginError is 222

proxy user has trustee :

CN
nfapCIFSAttach
nfapCIFSComment
nfapCIFSServerName
nfapCIFSShares

Can you help me ?


Does the Universal password also fill the simple password? The simple password is the one used by CIFS and you have to set the Universal Password policy so that it also syncs the set password to the simple password field.

If this simple password was not set, try resetting the password for a user using iManager's passwords module (after having set the Universal Password Policy to sync the simple password) and retry connecting via CIFS.

As added note, OES2 SP1 has not been supported for quite some time now, I'd really recommend to update to later code (OES2 SP3/SLES10 SP4 or OES11sp1/SLES11sp2).

Hope that helps,
-Willem
0 Likes
Knowledge Partner Knowledge Partner
Knowledge Partner

magic31;2221054 wrote:
Does the Universal password also fill the simple password? The simple password is the one used by CIFS and you have to set the Universal Password policy so that it also syncs the set password to the simple password field.

If this simple password was not set, try resetting the password for a user using iManager's passwords module (after having set the Universal Password Policy to sync the simple password) and retry connecting via CIFS.

As added note, OES2 SP1 has not been supported for quite some time now, I'd really recommend to update to later code (OES2 SP3/SLES10 SP4 or OES11sp1/SLES11sp2).

Hope that helps,
-Willem


I thought they changed CIFS so it doesn't use/need simple password anymore? Just UP

Although maybe that was in SP2 and later

Also, the OP doesn't mention which OS (workstation) is being used because it's possible if they're using Vista/Win7/2003 Server on up, that it's using NTLMv2 and he'll need OES2 SP3 or later for that (I believe).

Assuming of course, that the issue isn't with the CIFS proxy user to begin with. I THINK in OES2 SP1, that the Cifs Proxy user needed the ability to retrieve the user's password?

Yes, otherwise the OP should definitely upgrade to OES2 SP3 or OES11 SP1 if possible.
0 Likes
Knowledge Partner Knowledge Partner
Knowledge Partner

kjhurni;2221118 wrote:
I thought they changed CIFS so it doesn't use/need simple password anymore? Just UP

Although maybe that was in SP2 and later

Also, the OP doesn't mention which OS (workstation) is being used because it's possible if they're using Vista/Win7/2003 Server on up, that it's using NTLMv2 and he'll need OES2 SP3 or later for that (I believe).

Assuming of course, that the issue isn't with the CIFS proxy user to begin with. I THINK in OES2 SP1, that the Cifs Proxy user needed the ability to retrieve the user's password?

Yes, otherwise the OP should definitely upgrade to OES2 SP3 or OES11 SP1 if possible.


I'm blurry on that too (simple password requirement), as I had in my head that OES2 SP3 was the one to bring the UP only needed change as also a more common use of the common proxy. Have not followed it enough.

From what I remember OES2 still used the simple password upto SP2. In any case, a thing that needs to get ruled out first - my thought at least.


@vogl: Have you also double checked the user eDir containers are selected within the CIFS context as contexts to search for users that can be used to authenticate in? Also make sure user names are unique within the contexts you have specified for CIFS to search in.

-Willem
0 Likes
Absent Member.
Absent Member.

Hi,

now I can use CIFS (mount shares), but I don't know why 🙂 I reinstall CIFS, recreate proxu users, passwd, context etc. But there is anothee trouble : when user try reconnect under linux (mount after umount under linux) cifs daemon crashes with segmentation fault. Debug says

DEBUG: NBNS: NBNSUdpSendNAmePacket:port =35072 IP= 255.255.255.255
INFO : NBNS: NBNS is Shut Down

Windows mount/umount shares without crushing.
0 Likes
Knowledge Partner Knowledge Partner
Knowledge Partner

vogl;2221237 wrote:
Hi,

now I can use CIFS (mount shares), but I don't know why 🙂 I reinstall CIFS, recreate proxu users, passwd, context etc. But there is anothee trouble : when user try reconnect under linux (mount after umount under linux) cifs daemon crashes with segmentation fault. Debug says

DEBUG: NBNS: NBNSUdpSendNAmePacket:port =35072 IP= 255.255.255.255
INFO : NBNS: NBNS is Shut Down

Windows mount/umount shares without crushing.


You'll definitely need to upgrade to at least OES2 SP3 and the latest patches because even if you have the ability to open a support call they won't help you until you're at the latest code anyway.
0 Likes
Knowledge Partner Knowledge Partner
Knowledge Partner

vogl;2221237 wrote:
Hi,

now I can use CIFS (mount shares), but I don't know why 🙂 I reinstall CIFS, recreate proxu users, passwd, context etc. But there is anothee trouble : when user try reconnect under linux (mount after umount under linux) cifs daemon crashes with segmentation fault. Debug says

DEBUG: NBNS: NBNSUdpSendNAmePacket:port =35072 IP= 255.255.255.255
INFO : NBNS: NBNS is Shut Down

Windows mount/umount shares without crushing.


No idea on the mount crash, sorry. As Kevin mentions getting the server on the latest code is essential, if only from a support perspective.

As added note, I've seen some weird issues with CIFS authentication where everything was configured properly but the issue was in the account itself (created a long long time ago with old tool like NWadmin and thus missing certain newer attributes - uniqueID being one of them). Freshly created account(s) using a recent ConsoleOne and/or iManager version do work in such a scenario, so it's easily checked if that's causing an issue with authentication (typically a -1668 error.

Hope you get that last mount issue sorted!

-Willem
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.