You are here: Foswiki>KnowledgeBase Web>TestNetworkShares (08 Jun 2024, NickDemou)Edit Attach

Testing Samba and Windows Shares

see also https://wiki.samba.org/index.php/Troubleshooting_Samba_Domain_Members
see also https://wiki.samba.org/index.php/Samba_Member_Server_Troubleshooting

From a client with nmap test for firewall issues

nmap -p139,445 $HOST # these 2 ports should be open
nmap -sU -p137,138,445 $HOST # all 3 ports should be reported as maybe* open (open/filtered)

*: -sU does a UDP test and it's not easy to test for open UDP ports like for TCP ports

On the Samba server

# test if config is OK
testparm -s | head
# check service status
systemctl status smb.service # or smbd
# view open files
smbstatus
# view latest logs
find /var/log/samba -type f -size +1c -mmin -1|xargs -i bash -c 'echo {}; tail -5 {}|grep -v "^ *$"'
# tail -f /var/log/samba/log.smbd
tail -f /var/log/samba/log.smbd | grep --line-buffered -v 'JSON auth logs not\|log_no_json\|Processing section\|param.loadparm\|^\['|grep --line-buffered 'NT_[A-Z_]*\|$'

On a windows client (powershell) 

$SERVER='192.168.0.251'
$SHARE='test'
ping $SERVER
net view \\$SERVER
net use P: "\\$SERVER\$SHARE" /persistent:no /user:DomainName\UserName
# After the test un-map the drive letter from the share
net use P: /delete

Either on the samba server or on a Linux client

HOST=192.168.0.251
ping $HOST
smbclient -L $HOST -U% # try a guest login
smbclient -L hostname -I $HOST -U administrator
...
$SHARE Type Comment
--------- ---- -------
shared Disk
IPC$ IPC IPC Service (Samba 4.4.4)

smbclient //$HOST/$SHARE -U administrator
Anonymous login successful
Domain=[WORKGROUP] OS=[Windows 6.1] Server=[Samba 4.4.4]
smb: \> ls
. D 0 Mon Apr 24 16:51:11 2017
.. DR 0 Wed Apr 12 14:28:35 2017
a-file 22 Sun Apr 23 01:16:49 2017

smb: \> get a-file
getting file \a-file of size 22 as a-file (10.7 KiloBytes/sec) (average 7.2 KiloBytes/sec)

Examples from rock @ dimopoulos

smbclient -L 192.168.32.2 -U% # try a guest login
smbclient -L 192.168.32.2 -U administrator # try with administrator account
smbclient //192.168.32.2/ergotaxio -U administrator

Other commands

smbtree

smbtree - A text based smb network browser

-D|--domains

Only print a list of all the domains known on broadcast or by the master browser

-S|--servers

Only print a list of all the domains and servers responding on broadcast or known by the master
browser.

-dn |--debuglevel=n (3 is detailed)

-k|--kerberos

Try to authenticate with kerberos. Only useful in an Active Directory environment.

-N|--no-pass

-U|--user=username[%password]

Example: smbtree -N -d3

lp_load_ex: refreshing parameters
Initialising global parameters
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf"
Processing section "[global]"
added interface eth1 ip=192.168.0.163 bcast=192.168.0.255 netmask=255.255.255.0
resolve_lmhosts: Attempting lmhosts lookup for name METRO<0x1d> <---domain name
name_resolve_bcast: Attempting broadcast lookup for name METRO<0x1d>
Got a positive name query response from 192.168.0.142 ( 192.168.0.142 )
Connecting to host=192.168.0.142
Connecting to host=192.168.0.142
Connecting to 192.168.0.142 at port 445
Doing spnego session setup (blob length=16)
server didn't supply a full spnego negprot
Got challenge flags:
Got NTLMSSP neg_flags=0x628a8215
NTLMSSP: Set final flags:
Got NTLMSSP neg_flags=0x60088215
NTLMSSP Sign/Seal - Initialising with flags:
Got NTLMSSP neg_flags=0x60088215
name_resolve_bcast: Attempting broadcast lookup for name MSBROWSE<0x1>
Got a positive name query response from 192.168.0.142 ( 192.168.0.142 )
Connecting to host=192.168.0.142
Connecting to 192.168.0.142 at port 445
Doing spnego session setup (blob length=16)
server didn't supply a full spnego negprot
Got challenge flags:
Got NTLMSSP neg_flags=0x628a8215
NTLMSSP: Set final flags:
Got NTLMSSP neg_flags=0x60088215
NTLMSSP Sign/Seal - Initialising with flags:
Got NTLMSSP neg_flags=0x60088215
METRO
Connecting to host=192.168.0.142
Connecting to 192.168.0.142 at port 445
Doing spnego session setup (blob length=16)
server didn't supply a full spnego negprot
Got challenge flags:
Got NTLMSSP neg_flags=0x628a8215
NTLMSSP: Set final flags:
Got NTLMSSP neg_flags=0x60088215
NTLMSSP Sign/Seal - Initialising with flags:
Got NTLMSSP neg_flags=0x60088215

\\OFFICE %office

Connecting to host=OFFICE
resolve_lmhosts: Attempting lmhosts lookup for name OFFICE<0x20>
resolve_wins: Attempting wins lookup for name OFFICE<0x20>
resolve_wins: WINS server resolution selected and no WINS servers listed.
resolve_hosts: Attempting host lookup for name OFFICE<0x20>
Connecting to 192.168.0.163 at port 445
Doing spnego session setup (blob length=58)
got OID=1.3.6.1.4.1.311.2.2.10
got principal=NONE
Got challenge flags:
Got NTLMSSP neg_flags=0x608a8215
NTLMSSP: Set final flags:
Got NTLMSSP neg_flags=0x60088215
NTLMSSP Sign/Seal - Initialising with flags:
Got NTLMSSP neg_flags=0x60088215
SPNEGO login failed: Logon failure

\\OFFICE\LEXMARKE120n LEXMARK E120
\\OFFICE\HP_Photosmart_C5200_series HP Photosmart C5200 series
\\OFFICE\Cups-PDF Cups-PDF
\\OFFICE\IPC$ IPC Service (%office)
\\OFFICE\print$

Other net use commands 

# CAUTION: THE PASSWORD WILL BE RECORDED ON POWERSHELL HISTORY
net use P: \\$SERVER\$SHARE SuperSecretPass /user:DomainName\UserName
# -or-
net use P: \\$SERVER\$SHARE SuperSecretPass /user:DomainName\UserName /savecred /p:yes
Edit  | Attach | Print version | History: r4 < r3 < r2 < r1 | Backlinks | View wiki text | Edit wiki text | More topic actions
Topic revision: r4 - 08 Jun 2024, NickDemou
Copyright © enLogic