Ubuntu DFS smbclient cifs gvfs

=Work Domain=

Prerequisites
Assuming Ubuntu 12.04

cifs-utils = basic cifs mount sudo apt-get install cifs-utils

smbclient
To view the shares

U logon

W (accounts) domain (NOT same as Domain= which is domain the server is in, not account)

$ smbclient -L //xxxxxxxxxx -U xxxx -W XXX Enter xxxx's password: Domain=[XXX] OS=[Windows Server 2008 R2 Standard 7601 Service Pack 1] Server=[Windows Server 2008 R2 Standard 6.1]

Sharename      Type      Comment -            ---	simon           Disk john           Disk ADMIN$         Disk      Remote Admin admin-col      Printer   HP 4700 C$             Disk      Default share 

To get a dir style interface you need to put a share suffix, i.e


 * Note,you must put some share after the server //xxx.xx.xx.xx e.g. //xxx.xx.xx.xx/root/ otherwise nothing will be show.

$ smbclient //xxx.xx.xx.xx/root/ -U xxxx -W XXX Enter xxxx's password: Domain=[EEE] OS=[Windows Server (R) 2008 Enterprise 6002 Service Pack 2] Server=[Windows Server (R) 2008 Enterprise 6.0] smb: \> ls .                                   D        0  Sun Jun 17 20:03:46 2012 ..                                 D        0  Sun Jun 17 20:03:46 2012 BackupStore2                       D        0  Thu May 17 20:00:05 2012 Departments                        D        0  Tue May 22 13:58:56 2012 Manager                            D        0  Fri Oct 29 14:28:44 2010 Profiles                           D        0  Fri Oct 29 14:28:44 2010

34985 blocks of size 2097152. 25972 blocks available smb: \> quit

Spaces need quotes in an odd way;

smb: \Departments\> cd xxx yyy\ cd \Departments\xxx\: NT_STATUS_OBJECT_NAME_NOT_FOUND smb: \Departments\> cd "xxx yyy"\ smb: \Departments\xxx yyy\>

gvfs
This is what nautilus uses.

WORKGROUP (DOMAIN) needs to be in CAPS (can be DDD or FQDN DDD.xx.xx.xx)

$ gvfs-mount smb://xxx.xx.xx.xx/root/ Password required for share root on xxx.xx.xx.xx User [aaaa]: xxxx Domain [WORKGROUP]: DDD Password:


 * Note, whatever you enter for [WORKGROUP] doesn't always make the account relative to it, (as smbclient can manage with W option (above).) On accounts that exist in one domain and not the other it seems to be ok but when same account exists in both it seems not to work

i.e. if you specify credentials DDD\xxxx (and if EEE\xxxx and DDD\xxxx both exist), it seems to carry on using EEE\xxxx

cifs
FINISH THIS SECTION

via terminal

 * Note, by default it connects as UID/GID 0 which is root, you will need to change this otherwise you will get access denied errors as it creates structure with root only access. Append ,gid=uuu,uid=uuu to your options line, where uuu is your login name and group name (probably the same). Alternatively you can force full access to everything by appending ,file_mode=0777,dir_mode=0777 instead.
 * Note, quotes around spaces
 * Note, domain = the domain that the account is in, not what the server you are connecting to is a member of.
 * Note, domain can be in any case but MUST NOT be FQDN, i.e. DDD or ddd but NOT ddd.dd.dd.dd, either in the credentials file or on command line.
 * Note, DONT be tempted to mount under /media/ as gvfs will start going mental and creating dozens of new mounts for each folder under DFS. Use /mnt and create bookmarks instead. (In Nautilus)

Make sure the target folder (mount point) exist, create it with sudo and it is fine to leave it with root only permissions (default)

$ sudo mount -t cifs "//xxx.xx.xx.xx/root/" /mnt/xxx.xx.xx.xx -o user=xxxx,pass="yyy yyyy",dom=DDD,gid=uuu,uid=uuu

OR using a credentials file containing
 * Note, don't need quotes around spaces, and user/pass/dom are now written in full words.

username=xxxx password=yyy yyyy domain=DDD

$ sudo mount -t cifs "//xxx.xx.xx.xx/root/" /mnt/xxx.xx.xx.xx -o credentials=/home/xxxx/.smbcreds,gid=uuu,uid=uuu

via /etc/fstab

 * Note, Make sure the target folder exist, create it with sudo and it is fine to leave it with root only permissions (default)


 * Note conversely to credentials on the command line, quoted spaces need replacing with \040, i.e. user=xxxx,pass="yyy yyyy",dom=DDD becomes user=xxxx,pass=yyy\040yyyy,dom=DDD

//xxx.xx.xx.xx/root/ /mnt/xxx.xx.xx.xx/ cifs credentials=/home/xxxx/.smbcreds,gid=uuu,uid=uuu //xxx.xx.xx.xx/root/ /mnt/xxx.xx.xx.xx/ cifs user=xxxx,pass=yyy\040yyyy,dom=DDD,gid=uuu,uid=uuu
 * OR

=Local Workgroup=

Prerequisites
Assuming Ubuntu 12.04

cifs-utils = basic cifs mount via IP only

winbind = hostname resolution sudo apt-get install cifs-utils winbind

For this example im using my Belkin wireless router (F5D8235-4 v1000) running my own custom firmware that shares out any USB stick in it. (standard firmware does this too)

smbtree
On local network, will show shares etc,


 * Note, -N stops using password (assume user guest?) which is needed for router.

(Voyager is an automounted USB stick on the router.)

$ smbtree -N WORKGROUP \\TESTPC BELKIN \\BELKIN N+     		BELKIN N+		\\BELKIN N+\ADMIN$         	IPC Service ("BELKIN N+") \\BELKIN N+\IPC$          	IPC Service ("BELKIN N+") \\BELKIN N+\Voyager

smbclient

 * Note, Spaces must be in quotes, not replaced with %20

$ smbclient -L "//BELKIN N+/" -N Domain=[BELKIN] OS=[Unix] Server=[Samba 3.0.2]

Sharename      Type      Comment -            ---	Voyager         Disk IPC$           IPC       IPC Service ("BELKIN N+") ADMIN$         IPC       IPC Service ("BELKIN N+") Domain=[BELKIN] OS=[Unix] Server=[Samba 3.0.2]

Server              Comment -           ---	BELKIN N+            BELKIN N+

Workgroup           Master -           ---	BELKIN               BELKIN N+	WORKGROUP            TESTPC

Spaces to %20 = fail $ smbclient -L //BELKIN%20N+/Voyager/ -N Connection to BELKIN%20N+ failed (Error NT_STATUS_BAD_NETWORK_NAME)

gvfs

 * Note, gvfs mounts in your home/.gvfs directory, this is what Nautilus uses.
 * Note, gvfs can either replace spaces with %20 or quote whole URL

$ gvfs-mount smb://belkin%20N+/Voyager $ gvfs-mount "smb://belkin N+/Voyager" $ tree ~/.gvfs/ | head -6 /home/xxxx/.gvfs/ └── voyager on belkin n+   ├── apc.php ├── bios │   ├── bios.cfg │   ├── bios.lst
 * or

gvfs smb version override
This can set options for GVFS samba mounting to follow when used as a user in Nautilus smb:// type mounts, overriding the system smb.conf

Create this file and path (/home/USERNAME/.smb/smb.conf)

~/.smb/smb.conf

This would set your mounts on your client to force to max negotiation speed to server at CIFS aka SMB1 aka NT1) and not SMB2 for example. (Commented out option for a higher negotiation protocol, max SMB2, Win7 revision.) client max protocol = NT1
 * 1) client max protocol = SMB2_10

winbind, nsswitch.conf

 * Note, cifs needs winbind to work, else it wont be able to resolve the names to IP's (you can use ip's instead and negate winbind)


 * Install winbind and fix the line like this in /etc/nsswitch.conf - I had problems putting wins first in the past (cant remember what/why now), seems to work best at the end so it is the last lookup method.

hosts:         files mdns4_minimal [NOTFOUND=return] dns mdns4 wins

ping is easiest way to see if it now works, to add a space you need to use quotes, other methods don't work. case doesn't matter.

Initially

$ ping "Belkin n+" ping: unknown host Belkin n+

Now

$ ping Belkin\040n+ ping: unknown host Belkin040n+ $ ping Belkin%20n+ ping: unknown host Belkin%20n+ $ ping "Belkin n+" PING Belkin n+ (192.168.2.1) 56(84) bytes of data. ^C64 bytes from 192.168.2.1: icmp_req=1 ttl=64 time=0.436 ms

mount via terminal
$ sudo mkdir /media/Belkin $ sudo mount -t cifs "//BELKIN N+/Voyager/" /media/Belkin -o guest $ tree /media/Belkin | head -6 /media/Belkin ├── apc.php ├── bios │   ├── bios.cfg │   ├── bios.lst │   ├── DQ965GF.IMA.gz

mount via /etc/fstab
Add this line to auto mount. Spaces need to be in octal, other characters can also be too.


 * Note, to test run "sudo mount -a" after editing, however you need to have manually made /media/Belkin if so. If rebooted, the dir will be made automatically.

//BELKIN\040N+/Voyager/ /media/Belkin cifs guest 0 0 //\102\105\114\113\111\116\040\116\053/\126\157\171\141\147\145\162/ /media/Belkin cifs guest 0 0
 * 1) or even somewhat cryptically to stop the average nosey poker looking in your fstab

AD password change
smbpasswd -r  -U

Troubleshooting
Do you get this?

The folder contents could not be displayed. Sorry, could not display all the contents of "XXX XXXXXXXX": Invalid argument

ls: reading directory xxxxx: Object is remote

Make sure you have the correct search domains set to your windows domain name(s) for all parts of the DFS servers it traverses over, this should come from DHCP option 15. You can add these into network manager or directly (but not permanently if using Ubuntu > 12.10) in /etc/resolv.conf. Unmount and remount the shares for this to have any effect. [There is no obvious error in wireshark if this is the problem, but if you look on a machine it works on it will be connecting differently to non FQDN servers, probably the root ones]

example resolv.conf from 12.10

nameserver 127.0.1.1 search xxx.xx.xx.xx search yyy.xx.xx.xx search xx.xx.xx
 * 1) Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
 * 2)     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN