Ubuntu DFS smbclient cifs gvfs

From richud.com
Jump to: navigation, search

Work Domain


Assuming Ubuntu 12.04

cifs-utils = basic cifs mount

sudo apt-get install cifs-utils


To view the shares

U logon

W (accounts) domain (NOT same as Domain= which is domain the server is in, not account)

$ smbclient -L //xxxxxxxxxx -U xxxx -W XXX
Enter xxxx's password: 
Domain=[XXX] OS=[Windows Server 2008 R2 Standard 7601 Service Pack 1] Server=[Windows Server 2008 R2 Standard 6.1]

	Sharename       Type      Comment
	---------       ----      -------
	simon           Disk      
	john            Disk      
	ADMIN$          Disk      Remote Admin
	admin-col       Printer   HP 4700
	C$              Disk      Default share

To get a dir style interface you need to put a share suffix, i.e

  • Note,you must put some share after the server //xxx.xx.xx.xx e.g. //xxx.xx.xx.xx/root/ otherwise nothing will be show.
$ smbclient //xxx.xx.xx.xx/root/ -U xxxx -W XXX
Enter xxxx's password: 
Domain=[EEE] OS=[Windows Server (R) 2008 Enterprise 6002 Service Pack 2] Server=[Windows Server (R) 2008 Enterprise 6.0]
smb: \> ls
  .                                   D        0  Sun Jun 17 20:03:46 2012
  ..                                  D        0  Sun Jun 17 20:03:46 2012
  BackupStore2                        D        0  Thu May 17 20:00:05 2012
  Departments                         D        0  Tue May 22 13:58:56 2012
  Manager                             D        0  Fri Oct 29 14:28:44 2010
  Profiles                            D        0  Fri Oct 29 14:28:44 2010

		34985 blocks of size 2097152. 25972 blocks available
smb: \> quit

Spaces need quotes in an odd way;

smb: \Departments\> cd xxx yyy\
smb: \Departments\> cd "xxx yyy"\
smb: \Departments\xxx yyy\>


This is what nautilus uses.

WORKGROUP (DOMAIN) needs to be in CAPS (can be DDD or FQDN DDD.xx.xx.xx)

$ gvfs-mount smb://xxx.xx.xx.xx/root/
Password required for share root on xxx.xx.xx.xx
User [aaaa]: xxxx
  • Note, whatever you enter for [WORKGROUP] doesn't always make the account relative to it, (as smbclient can manage with W option (above).) On accounts that exist in one domain and not the other it seems to be ok but when same account exists in both it seems not to work

i.e. if you specify credentials DDD\xxxx (and if EEE\xxxx and DDD\xxxx both exist) , it seems to carry on using EEE\xxxx



via terminal

  • Note, by default it connects as UID/GID 0 which is root, you will need to change this otherwise you will get access denied errors as it creates structure with root only access. Append ,gid=uuu,uid=uuu to your options line, where uuu is your login name and group name (probably the same). Alternatively you can force full access to everything by appending ,file_mode=0777,dir_mode=0777 instead.
  • Note, quotes around spaces
  • Note, domain = the domain that the account is in, not what the server you are connecting to is a member of.
  • Note, domain can be in any case but MUST NOT be FQDN, i.e. DDD or ddd but NOT ddd.dd.dd.dd, either in the credentials file or on command line.
  • Note, DONT be tempted to mount under /media/ as gvfs will start going mental and creating dozens of new mounts for each folder under DFS. Use /mnt and create bookmarks instead. (In Nautilus)

Make sure the target folder (mount point) exist, create it with sudo and it is fine to leave it with root only permissions (default)

$ sudo mount -t cifs "//xxx.xx.xx.xx/root/" /mnt/xxx.xx.xx.xx -o user=xxxx,pass="yyy yyyy",dom=DDD,gid=uuu,uid=uuu

OR using a credentials file containing

  • Note, don't need quotes around spaces, and user/pass/dom are now written in full words.
password=yyy yyyy
$ sudo mount -t cifs "//xxx.xx.xx.xx/root/" /mnt/xxx.xx.xx.xx -o credentials=/home/xxxx/.smbcreds,gid=uuu,uid=uuu

via /etc/fstab

  • Note, Make sure the target folder exist, create it with sudo and it is fine to leave it with root only permissions (default)
  • Note conversely to credentials on the command line, quoted spaces need replacing with \040, i.e. user=xxxx,pass="yyy yyyy",dom=DDD becomes user=xxxx,pass=yyy\040yyyy,dom=DDD
//xxx.xx.xx.xx/root/ /mnt/xxx.xx.xx.xx/ cifs credentials=/home/xxxx/.smbcreds,gid=uuu,uid=uuu
//xxx.xx.xx.xx/root/ /mnt/xxx.xx.xx.xx/ cifs user=xxxx,pass=yyy\040yyyy,dom=DDD,gid=uuu,uid=uuu

Local Workgroup


Assuming Ubuntu 12.04

cifs-utils = basic cifs mount via IP only

winbind = hostname resolution

sudo apt-get install cifs-utils winbind

For this example im using my Belkin wireless router (F5D8235-4 v1000) running my own custom firmware that shares out any USB stick in it. (standard firmware does this too)


On local network, will show shares etc,

  • Note, -N stops using password (assume user guest?) which is needed for router.

(Voyager is an automounted USB stick on the router.)

$ smbtree -N
	\\BELKIN N+      		BELKIN N+
		\\BELKIN N+\ADMIN$         	IPC Service ("BELKIN N+")
		\\BELKIN N+\IPC$           	IPC Service ("BELKIN N+")
		\\BELKIN N+\Voyager


  • Note, Spaces must be in quotes, not replaced with %20
$ smbclient -L "//BELKIN N+/" -N
Domain=[BELKIN] OS=[Unix] Server=[Samba 3.0.2]

	Sharename       Type      Comment
	---------       ----      -------
	Voyager         Disk      
	IPC$            IPC       IPC Service ("BELKIN N+")
	ADMIN$          IPC       IPC Service ("BELKIN N+")
Domain=[BELKIN] OS=[Unix] Server=[Samba 3.0.2]

	Server               Comment
	---------            -------
	BELKIN N+            BELKIN N+

	Workgroup            Master
	---------            -------
	BELKIN               BELKIN N+

Spaces to %20 = fail

$ smbclient -L //BELKIN%20N+/Voyager/ -N
Connection to BELKIN%20N+ failed (Error NT_STATUS_BAD_NETWORK_NAME)


  • Note, gvfs mounts in your home/.gvfs directory, this is what Nautilus uses.
  • Note, gvfs can either replace spaces with %20 or quote whole URL
$ gvfs-mount smb://belkin%20N+/Voyager
$ gvfs-mount "smb://belkin N+/Voyager"
$ tree ~/.gvfs/ | head -6
└── voyager on belkin n+
    ├── apc.php
    ├── bios
    │   ├── bios.cfg
    │   ├── bios.lst


winbind, nsswitch.conf

  • Note, cifs needs winbind to work, else it wont be able to resolve the names to IP's (you can use ip's instead and negate winbind)
  • Install winbind and fix the line like this in /etc/nsswitch.conf - I had problems putting wins first in the past (cant remember what/why now), seems to work best at the end so it is the last lookup method.
hosts:          files mdns4_minimal [NOTFOUND=return] dns mdns4 wins

ping is easiest way to see if it now works, to add a space you need to use quotes, other methods don't work. case doesn't matter.


$ ping "Belkin n+"
ping: unknown host Belkin n+


$ ping Belkin\040n+
ping: unknown host Belkin040n+
$ ping Belkin%20n+
ping: unknown host Belkin%20n+
$ ping "Belkin n+"
PING Belkin n+ ( 56(84) bytes of data.
^C64 bytes from icmp_req=1 ttl=64 time=0.436 ms

mount via terminal

$ sudo mkdir /media/Belkin
$ sudo mount -t cifs "//BELKIN N+/Voyager/" /media/Belkin -o guest
$ tree /media/Belkin | head -6
├── apc.php
├── bios
│   ├── bios.cfg
│   ├── bios.lst
│   ├── DQ965GF.IMA.gz

mount via /etc/fstab

Add this line to auto mount. Spaces need to be in octal, other characters can also be too.

  • Note, to test run "sudo mount -a" after editing, however you need to have manually made /media/Belkin if so. If rebooted, the dir will be made automatically.
//BELKIN\040N+/Voyager/ /media/Belkin cifs guest 0 0
#or even somewhat cryptically to stop the average nosey poker looking in your fstab
//\102\105\114\113\111\116\040\116\053/\126\157\171\141\147\145\162/ /media/Belkin cifs guest 0 0

AD password change

smbpasswd -r <domain-server> -U <user name>


Do you get this?

The folder contents could not be displayed.
Sorry, could not display all the contents of "XXX XXXXXXXX": Invalid argument
ls: reading directory xxxxx: Object is remote

Make sure you have the correct search domains set to your windows domain name(s) for all parts of the DFS servers it traverses over, this should come from DHCP option 15. You can add these into network manager or directly (but not permanently if using Ubuntu > 12.10) in /etc/resolv.conf. Unmount and remount the shares for this to have any effect. [There is no obvious error in wireshark if this is the problem, but if you look on a machine it works on it will be connecting differently to non FQDN servers, probably the root ones]

example resolv.conf from 12.10

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
search xxx.xx.xx.xx
search yyy.xx.xx.xx
search xx.xx.xx


blog comments powered by Disqus