Highlighted
Dtek1
2 Iron

Mounting CIFS on Linux clients

We need to mount CIFS shares on Isilon on linux clients using kerberos.   I keep getting this error: "

# mount -t cifs //smartconnectzone_name.mydomain.com/share_name /test -v -o sec=krb5,username=myid,domain=mydomain

  1. mount.cifs kernel mount options: ip=a.b.c.d.,unc=\\smartconnectzone_name.mydomain.com\share_name,sec=krb5,nodfs,ver=1,user=myid,domain=mydomain,pass=********

mount error(2): No such file or directory

Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)

#

Checking kerberos , looks good

# kvno cifs/smartconnectzone_name.mydomain.com

cifs/smartconnectzone_name.mydomain.com@mydomain.com: kvno = 12


# smbclient -d 10 -k '//smartconnectzone_name.mydomain.com/share_name'

........

.........

cli_session_setup_spnego: using target hostname not SPNEGO principal

cli_session_setup_spnego: guessed server principal=cifs/smartconnectzone_name.mydomain.com@mydomain.com

Doing kerberos session setup

ads_cleanup_expired_creds: Ticket in ccache[FILE:/tmp/krb5cc_0] expiration Fri, 30 Oct 2015 21:15:30 EDT

ads_krb5_mk_req: Ticket (cifs/smartconnectzone_name.mydomain.com@mydomain.com) in ccache (FILE:/tmp/krb5cc_0) is valid until: (Fri, 30 Oct 2015 21:15:30 EDT - 1446254130)

Got KRB5 session key of length 16

SPNEGO login failed: NT_STATUS_NO_SUCH_FILE

lang_tdb_init: /usr/lib64/samba/en_US.UTF-8.msg: No such file or directory

session setup failed: NT_STATUS_NO_SUCH_FILE

#


Doing packet capture, I see "SMB session set up AndX: STATUS_NO_SUCH_FILE"  error when it fails.


We have NFSv4 using krb5 working fine. The KDC is on our AD servers. we are on OneFS v7.1.1.2.  I can map the CIFS share on a windows box fine.


Any ideas what we might have  missed for the SMB mounts to work?


Thanks

0 Kudos
6 Replies
Stdekart
2 Iron

Re: Mounting CIFS on Linux clients

Daniel,

I did some testing with a colleague. After some configuration we where able to successfully mount a CIF share on a linux client. We also messed around with the krb5 keys and authentication and had no luck reproducing the error you are seeing.

We tracked down an SR, which I believe you had opened, as your name matched the person who opened the SR. I saw a suggestion to try and set up a virtual cluster and check to see if the same issues where occurring on that?

Regardless with the supplied information and the testing we have done, we are not able to reproduce this error while authenticating, it may be environmentally induced and would need to gather more information. For this I would like to have you open and SR:

To create a service request, you have a couple options:

1. Log in to your online account on support.emc.com and go to this page: https://support.emc.com/servicecenter/createSR

2. Call in to EMC Isilon Support at 1-800-782-4362 (For a complete local country dial list, please see this document: http://www.emc.com/collateral/contact-us/h4165-csc-phonelist-ho.pdf)

Dtek1
2 Iron

Re: Mounting CIFS on Linux clients

Shane, Yes, that is my SR...-Smiley Happy

Yes  building a virtual cluster is a good idea but that is taking us sometime on our side waiting for a test vmware cluster to be up. Users can not wait for us to build the virtual cluster so we need to get this working. We have followed the guide/white paper in setting this up, but no luck.

I am happy to give as much information as you guys require. As you can see on the SR, I have uploaded pcaps, logs  etc.. Any help we can get to have this working is much appreciated.

Thanks Shane.

-Daniel

0 Kudos
Stdekart
2 Iron

Re: Mounting CIFS on Linux clients

Daniel,

Is is possible to get the smb.conf file output from the client?

Should be located at /etc/samba/smb.conf.

Shane

0 Kudos
Dtek1
2 Iron

Re: Mounting CIFS on Linux clients

Shane, here it is:

# cat /etc/samba/smb.conf

[global]

        workgroup = mydomain

        server string = Samba Server Version %v

        security = ads

        passdb backend = tdbsam

        realm = mydomain.com

        password server = ldapad.mydomain.com

        client ntlmv2 auth = yes

        kerberos method = secrets and keytab

        log file = /var/log/samba/log.%m

        max log size = 50

#

Thanks

0 Kudos
Stdekart
2 Iron

Re: Mounting CIFS on Linux clients

Daniel,

I just wanted to let you know that we have a few extra eyes on the issue, we're working with the current case owner of SR 74825994 investigating the issue and reviewing the info in the case. Along with gathering some new info.

0 Kudos
Dtek1
2 Iron

Re: Mounting CIFS on Linux clients

Thank you Shane.

0 Kudos