我目前正在尝试让 Redhat 5 上运行的旧独立 Samba Share 服务器恢复运行!它之前运行的是 3.0 版本,由于存在很多问题,我决定使用官方软件包升级到 3.6 版本。现在,我在 Radhat 5 上正确运行了 samba 3.6
Red Hat Enterprise Linux Server release 5.11 (Tikanga)
Samba version 3.6.23-12.el5_11
这是我的 testparm 输出:
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[diro]"
Processing section "[dirt]"
Processing section "[dire]"
Loaded services file OK.
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions
[global]
workgroup = DUMMY
server string = Samba %v
interfaces = 127.0.0.1, eth0
bind interfaces only = Yes
client ipc signing = auto
printcap name = cups
idmap config * : backend = tdb
cups options = raw
[diro]
path = /home/diro
valid users = usero
read only = No
create mask = 0664
directory mask = 0775
[dirt]
path = /home/diro/t
valid users = usero
read only = No
create mask = 0777
directory mask = 0777
[dire]
path = /home/diro/e
valid users = usert
read only = No
create mask = 0777
directory mask = 0777
完整的smb.conf:
[global]
workgroup = DUMMY
server string = Samba %v
interfaces = 127.0.0.1 eth0
bind interfaces only = true
printing = cups
printcap name = cups
load printers = yes
client ipc signing = auto
client signing = auto
log level = 3
min protocol = core
map to guest = Bad User
security = user
passdb backend = tdbsam
load printers = yes
cups options = raw
[diro]
path = /home/diro
valid users = usero
read only = No
create mask = 0664
directory mask = 0775
[dirt]
path = /home/diro/t
valid users = usero
read only = No
create mask = 0777
directory mask = 0777
[dire]
path = /home/diro/e
valid users = usert
read only = No
create mask = 0777
directory mask = 0777
我能够从本地主机连接到其中一个共享:
>$ smbclient //DUMMYMO/diro -U usero usero
Domain=[DUMMY] OS=[Unix] Server=[Samba 3.6.23-12.el5_11]
smb: \>
这很好,但我仍然想知道为什么它不能在 Windows 7 机器上运行:
>$ net use x: \\DUMMYMO\diro /user:usero usero
System error 58 has occurred.
The specified server cannot perform the requested operation.
通过将日志级别设置为 3,我能够在 Windows 连接尝试期间看到这些日志行:
[2017/11/06 15:12:46.107877, 3] lib/access.c:338(allow_access)
Allowed connection from XXX.XXX.XXX.XXX (XXX.XXX.XXX.XXX)
[2017/11/06 15:12:46.108026, 3] smbd/oplock.c:922(init_oplocks)
init_oplocks: initializing messages.
[2017/11/06 15:12:46.108087, 3] smbd/oplock_linux.c:246(linux_init_kernel_oplocks)
Linux kernel oplocks enabled
[2017/11/06 15:12:46.108167, 3] smbd/process.c:1609(process_smb)
Transaction 0 of length 109 (0 toread)
[2017/11/06 15:12:46.108198, 3] smbd/process.c:1414(switch_message)
switch message SMBnegprot (pid 13707) conn 0x0
[2017/11/06 15:12:46.108463, 3] smbd/negprot.c:598(reply_negprot)
Requested protocol [NotSmb]
[2017/11/06 15:12:46.108496, 3] smbd/negprot.c:598(reply_negprot)
Requested protocol [NotSmb]
[2017/11/06 15:12:46.108517, 3] smbd/negprot.c:598(reply_negprot)
Requested protocol [NotSmb]
[2017/11/06 15:12:46.108537, 3] smbd/negprot.c:598(reply_negprot)
Requested protocol [NotSmb]
[2017/11/06 15:12:46.108556, 3] smbd/negprot.c:598(reply_negprot)
Requested protocol [NotSmb]
[2017/11/06 15:12:46.108576, 3] smbd/negprot.c:598(reply_negprot)
Requested protocol [NotSmb]
[2017/11/06 15:12:46.108595, 3] smbd/negprot.c:598(reply_negprot)
Requested protocol [SMB 2.002]
[2017/11/06 15:12:46.108615, 3] smbd/negprot.c:598(reply_negprot)
Requested protocol [SMB 2.???]
[2017/11/06 15:12:46.108669, 0] smbd/negprot.c:706(reply_negprot)
No protocol supported !
[2017/11/06 15:12:46.110716, 1] smbd/process.c:457(receive_smb_talloc)
receive_smb_raw_talloc failed for client XXX.XXX.XXX.XXX read error = NT_STATUS_CONNECTION_RESET.
[2017/11/06 15:12:46.110790, 3] smbd/server_exit.c:181(exit_server_common)
Server exit (failed to receive smb request)
这是网络跟踪:
>$ sudo tcpdump -i eth0 -nn "tcp port 445"
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
15:21:05.292627 IP XXX.XXX.XXX.XXX.54997 > YYY.YYY.YYY.YYY.445: S 946161236:946161236(0) win 8192 <mss 1380,nop,wscale 8,nop,nop,sackOK>
15:21:05.292732 IP YYY.YYY.YYY.YYY.445 > XXX.XXX.XXX.XXX.54997: S 2489729164:2489729164(0) ack 946161237 win 5840 <mss 1460,nop,nop,sackOK,nop,wscale 7>
15:21:05.294416 IP XXX.XXX.XXX.XXX.54997 > YYY.YYY.YYY.YYY.445: . ack 1 win 258
15:21:05.294748 IP XXX.XXX.XXX.XXX.54997 > YYY.YYY.YYY.YYY.445: P 1:110(109) ack 1 win 258
15:21:05.294772 IP YYY.YYY.YYY.YYY.445 > XXX.XXX.XXX.XXX.54997: . ack 110 win 46
15:21:05.298603 IP YYY.YYY.YYY.YYY.445 > XXX.XXX.XXX.XXX.54997: P 1:42(41) ack 110 win 46
15:21:05.300286 IP XXX.XXX.XXX.XXX.54997 > YYY.YYY.YYY.YYY.445: R 110:110(0) ack 42 win 0
正如日志中提到的,客户端在服务器应答后直接发送了一个 RST 标志,我不知道为什么。我已经尝试了许多解决方案,例如最小协议、服务器签名,但都没有成功。
我没有其他解决办法。您有什么建议吗?
请注意,我没有桌面的管理员访问权限,并且我猜测许多参数都是由域强加的。
答案1
感谢 MadHatter 的提示,我得以解决这个问题:客户端只需要 SMB2,而不是 SMB3。此技巧可轻松应用于 Global 部分下的配置中:
最大协议 = SMB2