I used the DVD image on a flash drive to upgrade this machine from 15.1 to 15.2 KDE. That went well, including multimedia switched to Packman. The only issue I find is that Dolphin and VLC can no longer connect with samba to an external hard drive on our router. (They could in 15.1.) Using the link to the drive in Dolphin Remote gives
Connection to host 192.168.1.1 is broken.
Same response trying to navigate to the drive with VLC. Behavior is the same with firewall on or off.
Dolphin Remote links do work to samba to other machines in the network, such as
smb://192.168.1.145/
Firefox reaches the router admin page at 192.168.1.1
The other network machines are still on 15.1 and reach the network drive correctly.
I get:
howard@X201-oS15KDE:~> smbtree
Enter CANDH\howard's password:
howard@X201-oS15KDE:~> smbtree
In 15.1, smbtree did not request domain password, and did list network items.
/etc/samba/smb.conf global stanza is
[global]
netbios name = X201-oS15KDE
workgroup = CANDH
server string = ""
passdb backend = tdbsam
name resolve order = bcast host lmhosts wins
local master = yes
preferred master = auto
os level = 65
printing = cups
printcap name = cups
printcap cache time = 750
cups options = raw
map to guest = Bad User
include = /etc/samba/dhcp.conf
# logon path = \\%L\profiles\.msprofile
# logon home = \\%L\%U\.9xprofile
# logon drive = P:
usershare allow guests = No
wins support = No
ldap admin dn =
wins server =
What needs tweaking to get samba access to the network drive with 15.2?
Thanks,
Not enough error info.
Try displaying your system events written to your journal by invoking the following command in an elevated contolse (sudo or su or su -)and leave it open while you try to connect to your samaba share, maybe more useful information will display
This is almost certainly due to the samba server only supporting SMBv1 (insecure and now deprecated protocol) and this now is disabled by default. Your working servers likely support SMBv2+.
What needs tweaking to get samba access to the network drive with 15.2?
Thanks,
It is an SMBv1 issue. I modified smb.conf as you mention, stopped and started smb, and Dolphin accessed the network hard drive OK in 15.2, same as 15.1. I commented the new smb.conf line, restarted smb, and 15.2 access to the drive was lost.
When you say “upgrade all servers”, in our case I take it that means the router. The router’s firmware version says its latest update “Fixed the Samba’s vulnerabilities(CVE-2017-15275).” and the samba web site says that CVE applies to “All versions of Samba from 3.6.0 onward”. The router must still have SMBv1 enabled, and wants to use it for some tasks. Running smbclient in 15.1 gives
howard@HP-oS15KDE:~> smbclient -m SMB3 -L 192.168.1.1 -d 3
lp_load_ex: refreshing parameters
Initialising global parameters
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[global]"
Can't find include file /etc/samba/dhcp.conf
directory_create_or_exist_strict: invalid ownership on directory /var/lib/samba/lock/msg.lock
cmdline_messaging_context: Unable to initialize messaging context.
Unable to initialize messaging context
lp_load_ex: refreshing parameters
Initialising global parameters
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[global]"
Can't find include file /etc/samba/dhcp.conf
added interface eth0 ip=192.168.1.145 bcast=192.168.1.255 netmask=255.255.255.0
Client started (version 4.9.5-git.296.3dd62eee45elp151.2.21.1-SUSE-oS15.0-x86_64).
Connecting to 192.168.1.1 at port 445
got OID=1.3.6.1.4.1.311.2.2.10
Enter CANDH\howard's password:
GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'spnego' registered
GENSEC backend 'schannel' registered
GENSEC backend 'naclrpc_as_system' registered
GENSEC backend 'sasl-EXTERNAL' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'ntlmssp_resume_ccache' registered
GENSEC backend 'http_basic' registered
GENSEC backend 'http_ntlm' registered
GENSEC backend 'http_negotiate' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
Got challenge flags:
Got NTLMSSP neg_flags=0x628a8215
NTLMSSP: Set final flags:
Got NTLMSSP neg_flags=0x62088215
NTLMSSP Sign/Seal - Initialising with flags:
Got NTLMSSP neg_flags=0x62088215
Sharename Type Comment
--------- ---- -------
PUBLIC Disk PUBLIC
IPC$ IPC IPC Service ()
Reconnecting with SMB1 for workgroup listing.
Connecting to 192.168.1.1 at port 139
got OID=1.3.6.1.4.1.311.2.2.10
Got challenge flags:
Got NTLMSSP neg_flags=0x628a8215
NTLMSSP: Set final flags:
Got NTLMSSP neg_flags=0x62088215
NTLMSSP Sign/Seal - Initialising with flags:
Got NTLMSSP neg_flags=0x62088215
Server Comment
--------- -------
Workgroup Master
--------- -------
CANDH BUFFALO DD-WRT
howard@HP-oS15KDE:~>
with the statement “Reconnecting with SMB1 for workgroup listing.”
Running smbclient in 15.2 gives
howard@X201-oS15KDE:~> smbclient -m SMB3 -L 192.168.1.1 -d 3
lp_load_ex: refreshing parameters
Initialising global parameters
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[global]"
Can't find include file /etc/samba/dhcp.conf
added interface wlan1 ip=192.168.1.144 bcast=192.168.1.255 netmask=255.255.255.0
Client started (version 4.11.5-git.161.74bc5e6ec8elp152.2.12-SUSE-oS15.0-x86_64).
Connecting to 192.168.1.1 at port 445
protocol negotiation failed: NT_STATUS_CONNECTION_DISCONNECTED
howard@X201-oS15KDE:~>
with “protocol negotiation failed”.
I guess it’s time to start shopping for a new router.
Does your router support some other protocol for your network shares?
Clients like Dolphin and I’d expect VLC can connect to network shares by other protocols, some common are ftp, http, nfs and when possible encrypted versions of those protocols.
BTW -
Unknown how well your router’s SMBv1 patching might work, one of the hazards of using it is to become vulnerable to numerous Ransomware attacks normally directed only at Windows machines.
When you say “upgrade all servers”, in our case I take it that means the router.
Yes, I guessed from the IP address you posted that you’re using the router to provide this service. Perhaps investing in a NAS would be a viable option instead?
I guess it’s time to start shopping for a new router.
You’d be surprised how many vendors are not yet offering SMB v2 or v3 support natively. If wanting to use a router for shared storage, I would look at replacing with a router model compatible with OpenWRT (or DD-WRT ) open source firmwares that offer other file sharing options including the newer SMB protocols.
Current router is a Buffalo WZR-600DHP with Buffalo’s version of DD-WRT v3.0-r30356 std (11/30/17). DD-WRT site has a newer version, beta buffalo_to_ddwrt_webflash-MULTI 06Aug2019-r40559. I guess I’ll flash that and see what happens.
Regards,
Success. I flashed the router with DD-WRT buffalo_to_ddwrt_webflash-MULTI.bin, and now Dolphin and VLC connect to the network hard drive with KDE 15.2. I cannot tell what samba version the router is using, but it is sufficient. New router not required, just a donation to DD-WRT. Now to work through upgrading our other machines.
Cheers,
I cannot tell what samba version the router is using, but it is sufficient. New router not required, just a donation to DD-WRT. Now to work through upgrading our other machines.
Cheers,
You could test from a Linux client using something like
howard@HP-oS15KDE:~> smbclient -m SMB2 -L 192.168.1.1
Enter CANDH\howard's password:
Sharename Type Comment
--------- ---- -------
IPC$ IPC IPC Service ()
PUBLIC Disk PUBLIC
Reconnecting with SMB1 for workgroup listing.
Server Comment
--------- -------
Workgroup Master
--------- -------
CANDH BUFFALO DD-WRT
howard@HP-oS15KDE:~>
howard@HP-oS15KDE:~>
howard@HP-oS15KDE:~> smbclient -m SMB3 -L 192.168.1.1
Enter CANDH\howard's password:
Sharename Type Comment
--------- ---- -------
IPC$ IPC IPC Service ()
PUBLIC Disk PUBLIC
Reconnecting with SMB1 for workgroup listing.
Server Comment
--------- -------
Workgroup Master
--------- -------
CANDH BUFFALO DD-WRT
howard@HP-oS15KDE:~>
SMB1 seems to be lurking about for some tasks.
But network hard drive access works with 15.2 Dolphin and VLC.
Thanks,
Yes, that’s just for workgroup listing (and legacy code in libsmbclient AFAIU). SMB2 is okay to use currently. However, you can force SMB3 in smb.conf if desired with