Environment
Novell Open Enterprise Server 2 (OES 2) Linux Support Pack 3
Novell Open Enterprise Server 11 (OES 11) Linux Support Pack 1
Novell Open Enterprise Server 11 (OES 11) Linux Support Pack 2
Situation
When trying to authenticate a user from a client or from the server itself utilizing smbclient, CIFS will time out with various different errors:
ERROR: Windows cannot access \\Servername_W
ERROR: Check the spelling of the name. Otherwise, there might be a problem with your network.
ERROR: The network path was not found
ERROR: CRITICAL: AUTH: unable to resolve the netbios name !!
ERROR: The specified network name is no longer available
ERROR: protocol negotiation failed: NT_STATUS_IO_TIMEOUT
Resolution
-
Be sure that time is in sync on both the OES and AD servers.
-
From a command prompt on the AD server, type the following command:
nbtstat -A ip.addr.of.adserver -
Locate the line that contains <20> in the output and take note of the name. IE:
Local Area Connection: Node IpAddress: [10.10.21.63] Scope Id: [] NetBIOS Remote Machine Name Table Name Type Status --------------------------------------------- JOHARMON21 <00> UNIQUE Registered W2K3R2 <1C> GROUP Registered W2K3R2 <00> GROUP Registered JOHARMON21 <20> UNIQUE Registered W2K3R2 <1B> UNIQUE Registered W2K3R2 <1E> GROUP Registered W2K3R2 <1D> UNIQUE Registered ..__MSBROWSE__.<01> GROUP Registered MAC Address = 00-00-29-98-FE-00
-
Open iManager > File Protocols > CIFS > SELECT YOUR SERVER and then choose AUTHENTICATION under the GENERAL tab.
-
Be sure to enter the Work Group/Domain information (netbios name should suffice)
-
Under PRIMARY DOMAIN CONTROLLER enter the NAME as discovered in number three above. Enter the IP address for the same server in the corresponding field
-
Be sure that SMB SIGNATURE under the GENERAL tab, SERVER sub-menu is also set to disabled.
- Be sure that the name specified in number three above is pingable by the OES server. If it isn't add an entry into the /etc/hosts file of the OES server to make it resolvable.
-
On the Active Directory side, be sure the following is set:
- START > RUN > regedit > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanManServer\Parameters
- Be sure that both RequireSecuritySignature and EnableSecuritySignature are set to 0 -
On the Active Directory side, open a command window and execute the following command:
- net config server /autodisconnect:65535 -
Restart CIFS on the OES side. If debug logging is enabled, and OES successfully connects with Active Directory (AD), then the /var/log/cifs/cifs.log should report a line as follows:
- DEBUG: AUTH: DCNC state: SessSetupTconIPC, event: receive tcp, new state: ReadyForClients -
Retry the authentication. It should now work