Revisions to Cannot mount CIFS althought kinit return me a ticket

Updated EDIT4

Source Link

edited Apr 10 at 12:24

1.9k
2
25
38

$ smbclient -k -d 15 -U [email protected] //myRemoteServer.myDOMAIN.lan/Extension_2```Extension_2
INFO: Current debug levels:
  all: 15
  tdb: 15
  printdrivers: 15
  lanman: 15
  smb: 15
  rpc_parse: 15
  rpc_srv: 15
  rpc_cli: 15
  passdb: 15
  sam: 15
  auth: 15
  winbind: 15
  vfs: 15
  idmap: 15
  quota: 15
  acls: 15
  locking: 15
  msdfs: 15
  dmapi: 15
  registry: 15
  scavenger: 15
  dns: 15
  ldb: 15
  tevent: 15
  auth_audit: 15
  auth_json_audit: 15
  kerberos: 15
  drs_repl: 15
  smb2: 15
  smb2_credits: 15
  dsdb_audit: 15
  dsdb_json_audit: 15
  dsdb_password_audit: 15
  dsdb_password_json_audit: 15
  dsdb_transaction_audit: 15
  dsdb_transaction_json_audit: 15
  dsdb_group_audit: 15
  dsdb_group_json_audit: 15
WARNING: The option -k|--kerberos is deprecated!
lp_load_ex: refreshing parameters
Initialising global parameters
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
INFO: Current debug levels:
  all: 15
  tdb: 15
  printdrivers: 15
  lanman: 15
  smb: 15
  rpc_parse: 15
  rpc_srv: 15
  rpc_cli: 15
  passdb: 15
  sam: 15
  auth: 15
  winbind: 15
  vfs: 15
  idmap: 15
  quota: 15
  acls: 15
  locking: 15
  msdfs: 15
  dmapi: 15
  registry: 15
  scavenger: 15
  dns: 15
  ldb: 15
  tevent: 15
  auth_audit: 15
  auth_json_audit: 15
  kerberos: 15
  drs_repl: 15
  smb2: 15
  smb2_credits: 15
  dsdb_audit: 15
  dsdb_json_audit: 15
  dsdb_password_audit: 15
  dsdb_password_json_audit: 15
  dsdb_transaction_audit: 15
  dsdb_transaction_json_audit: 15
  dsdb_group_audit: 15
  dsdb_group_json_audit: 15
Processing section "[global]"
doing parameter workgroup = WORKGROUP
doing parameter server string = %h server (Samba, Ubuntu)
doing parameter log file = /var/log/samba/log.%m
doing parameter max log size = 1000
doing parameter logging = file
doing parameter panic action = /usr/share/samba/panic-action %d
doing parameter server role = standalone server
doing parameter obey pam restrictions = yes
doing parameter unix password sync = yes
doing parameter passwd program = /usr/bin/passwd %u
doing parameter passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
doing parameter pam password change = yes
doing parameter map to guest = bad user
doing parameter usershare allow guests = yes
pm_process() returned Yes
lp_servicenumber: couldn't find homes
added interface ens160 ip=x.y.z.t bcast=x.y.z.255 netmask=255.255.255.0
Client started (version 4.15.13-Ubuntu).
Opening cache file at /run/samba/gencache.tdb
tdb(/run/samba/gencache.tdb): tdb_open_ex: could not open file /run/samba/gencache.tdb: Permission denied
gencache_init: Opening user cache file /home/administrateur/.cache/samba/gencache.tdb.
sitename_fetch: No stored sitename for realm ''
internal_resolve_name: looking up myRemoteServer.myDOMAIN.lan#20 (sitename (null))
namecache_fetch: name myRemoteServer.myDOMAIN.lan#20 found.
remove_duplicate_addrs2: looking for duplicate address/port pairs
Connecting to x.y.z.138 at port 445
socket options: SO_KEEPALIVE=0, SO_REUSEADDR=0, SO_BROADCAST=0, TCP_NODELAY=1, TCP_KEEPCNT=9, TCP_KEEPIDLE=7200, TCP_KEEPINTVL=75, IPTOS_LOWDELAY=0, IPTOS_THROUGHPUT=0, SO_REUSEPORT=0, SO_SNDBUF=87040, SO_RCVBUF=131072, SO_SNDLOWAT=1, SO_RCVLOWAT=1, SO_SNDTIMEO=0, SO_RCVTIMEO=0, TCP_QUICKACK=1, TCP_DEFER_ACCEPT=0, TCP_USER_TIMEOUT=0
 session request ok
 negotiated dialect[SMB3_11] against server[myRemoteServer.myDOMAIN.lan]
cli_session_setup_spnego_send: Connect to myRemoteServer.myDOMAIN.lan as [email protected] using SPNEGO
GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'spnego' registered
GENSEC backend 'schannel' registered
GENSEC backend 'naclrpc_as_system' registered
GENSEC backend 'sasl-EXTERNAL' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'ntlmssp_resume_ccache' registered
GENSEC backend 'http_basic' registered
GENSEC backend 'http_ntlm' registered
GENSEC backend 'http_negotiate' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
Starting GENSEC mechanism spnego
Starting GENSEC submechanism gse_krb5
gensec_update_send: gse_krb5[0x5618cd09cc80]: subreq: 0x5618cd07fe30
gensec_update_send: spnego[0x5618cd0966d0]: subreq: 0x5618cd09afa0
gensec_update_done: gse_krb5[0x5618cd09cc80]: NT_STATUS_MORE_PROCESSING_REQUIRED tevent_req[0x5618cd07fe30/../../source3/librpc/crypto/gse.c:848]: state[2] error[0 (0x0)]  state[struct gensec_gse_update_state (0x5618cd07fff0)] timer[(nil)] finish[../../source3/librpc/crypto/gse.c:859]
gensec_update_done: spnego[0x5618cd0966d0]: NT_STATUS_MORE_PROCESSING_REQUIRED tevent_req[0x5618cd09afa0/../../auth/gensec/spnego.c:1631]: state[2] error[0 (0x0)]  state[struct gensec_spnego_update_state (0x5618cd09b160)] timer[(nil)] finish[../../auth/gensec/spnego.c:2116]
SPNEGO login failed: The attempted logon is invalid. This is either due to a bad username or authentication information.
session setup failed: NT_STATUS_LOGON_FAILURE
$

And without the -U .... :

$ smbclient -k -d 15 //myRemoteServer.myDOMAIN.lan/Extension_2
INFO: Current debug levels:
  all: 15
  tdb: 15
  printdrivers: 15
  lanman: 15
  smb: 15
  rpc_parse: 15
  rpc_srv: 15
  rpc_cli: 15
  passdb: 15
  sam: 15
  auth: 15
  winbind: 15
  vfs: 15
  idmap: 15
  quota: 15
  acls: 15
  locking: 15
  msdfs: 15
  dmapi: 15
  registry: 15
  scavenger: 15
  dns: 15
  ldb: 15
  tevent: 15
  auth_audit: 15
  auth_json_audit: 15
  kerberos: 15
  drs_repl: 15
  smb2: 15
  smb2_credits: 15
  dsdb_audit: 15
  dsdb_json_audit: 15
  dsdb_password_audit: 15
  dsdb_password_json_audit: 15
  dsdb_transaction_audit: 15
  dsdb_transaction_json_audit: 15
  dsdb_group_audit: 15
  dsdb_group_json_audit: 15
WARNING: The option -k|--kerberos is deprecated!
lp_load_ex: refreshing parameters
Initialising global parameters
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
INFO: Current debug levels:
  all: 15
  tdb: 15
  printdrivers: 15
  lanman: 15
  smb: 15
  rpc_parse: 15
  rpc_srv: 15
  rpc_cli: 15
  passdb: 15
  sam: 15
  auth: 15
  winbind: 15
  vfs: 15
  idmap: 15
  quota: 15
  acls: 15
  locking: 15
  msdfs: 15
  dmapi: 15
  registry: 15
  scavenger: 15
  dns: 15
  ldb: 15
  tevent: 15
  auth_audit: 15
  auth_json_audit: 15
  kerberos: 15
  drs_repl: 15
  smb2: 15
  smb2_credits: 15
  dsdb_audit: 15
  dsdb_json_audit: 15
  dsdb_password_audit: 15
  dsdb_password_json_audit: 15
  dsdb_transaction_audit: 15
  dsdb_transaction_json_audit: 15
  dsdb_group_audit: 15
  dsdb_group_json_audit: 15
Processing section "[global]"
doing parameter workgroup = WORKGROUP
doing parameter server string = %h server (Samba, Ubuntu)
doing parameter log file = /var/log/samba/log.%m
doing parameter max log size = 1000
doing parameter logging = file
doing parameter panic action = /usr/share/samba/panic-action %d
doing parameter server role = standalone server
doing parameter obey pam restrictions = yes
doing parameter unix password sync = yes
doing parameter passwd program = /usr/bin/passwd %u
doing parameter passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
doing parameter pam password change = yes
doing parameter map to guest = bad user
doing parameter usershare allow guests = yes
pm_process() returned Yes
lp_servicenumber: couldn't find homes
added interface ens160 ip=x.y.z.246 bcast=x.y.z.255 netmask=255.255.255.0
Client started (version 4.15.13-Ubuntu).
Opening cache file at /run/samba/gencache.tdb
tdb(/run/samba/gencache.tdb): tdb_open_ex: could not open file /run/samba/gencache.tdb: Permission denied
gencache_init: Opening user cache file /home/administrateur/.cache/samba/gencache.tdb.
sitename_fetch: No stored sitename for realm ''
internal_resolve_name: looking up myRemoteServer.myDOMAIN.lan#20 (sitename (null))
namecache_fetch: name myRemoteServer.myDOMAIN.lan#20 found.
remove_duplicate_addrs2: looking for duplicate address/port pairs
Connecting to x.y.z.t at port 445
socket options: SO_KEEPALIVE=0, SO_REUSEADDR=0, SO_BROADCAST=0, TCP_NODELAY=1, TCP_KEEPCNT=9, TCP_KEEPIDLE=7200, TCP_KEEPINTVL=75, IPTOS_LOWDELAY=0, IPTOS_THROUGHPUT=0, SO_REUSEPORT=0, SO_SNDBUF=87040, SO_RCVBUF=131072, SO_SNDLOWAT=1, SO_RCVLOWAT=1, SO_SNDTIMEO=0, SO_RCVTIMEO=0, TCP_QUICKACK=1, TCP_DEFER_ACCEPT=0, TCP_USER_TIMEOUT=0
 session request ok
 negotiated dialect[SMB3_11] against server[myRemoteServer.myDOMAIN.lan]
cli_session_setup_spnego_send: Connect to myRemoteServer.myDOMAIN.lan as [email protected] using SPNEGO
GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'spnego' registered
GENSEC backend 'schannel' registered
GENSEC backend 'naclrpc_as_system' registered
GENSEC backend 'sasl-EXTERNAL' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'ntlmssp_resume_ccache' registered
GENSEC backend 'http_basic' registered
GENSEC backend 'http_ntlm' registered
GENSEC backend 'http_negotiate' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
Starting GENSEC mechanism spnego
Starting GENSEC submechanism gse_krb5
gensec_update_send: gse_krb5[0x55920886daf0]: subreq: 0x559208850e30
gensec_update_send: spnego[0x55920886a4f0]: subreq: 0x55920886be10
gensec_update_done: gse_krb5[0x55920886daf0]: NT_STATUS_MORE_PROCESSING_REQUIRED tevent_req[0x559208850e30/../../source3/librpc/crypto/gse.c:848]: state[2] error[0 (0x0)]  state[struct gensec_gse_update_state (0x559208850ff0)] timer[(nil)] finish[../../source3/librpc/crypto/gse.c:859]
gensec_update_done: spnego[0x55920886a4f0]: NT_STATUS_MORE_PROCESSING_REQUIRED tevent_req[0x55920886be10/../../auth/gensec/spnego.c:1631]: state[2] error[0 (0x0)]  state[struct gensec_spnego_update_state (0x55920886bfd0)] timer[(nil)] finish[../../auth/gensec/spnego.c:2116]
SPNEGO login failed: The attempted logon is invalid. This is either due to a bad username or authentication information.
session setup failed: NT_STATUS_LOGON_FAILURE
$

$ smbclient -k -d 15 -U [email protected] //myRemoteServer.myDOMAIN.lan/Extension_2```
INFO: Current debug levels:
  all: 15
  tdb: 15
  printdrivers: 15
  lanman: 15
  smb: 15
  rpc_parse: 15
  rpc_srv: 15
  rpc_cli: 15
  passdb: 15
  sam: 15
  auth: 15
  winbind: 15
  vfs: 15
  idmap: 15
  quota: 15
  acls: 15
  locking: 15
  msdfs: 15
  dmapi: 15
  registry: 15
  scavenger: 15
  dns: 15
  ldb: 15
  tevent: 15
  auth_audit: 15
  auth_json_audit: 15
  kerberos: 15
  drs_repl: 15
  smb2: 15
  smb2_credits: 15
  dsdb_audit: 15
  dsdb_json_audit: 15
  dsdb_password_audit: 15
  dsdb_password_json_audit: 15
  dsdb_transaction_audit: 15
  dsdb_transaction_json_audit: 15
  dsdb_group_audit: 15
  dsdb_group_json_audit: 15
WARNING: The option -k|--kerberos is deprecated!
lp_load_ex: refreshing parameters
Initialising global parameters
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
INFO: Current debug levels:
  all: 15
  tdb: 15
  printdrivers: 15
  lanman: 15
  smb: 15
  rpc_parse: 15
  rpc_srv: 15
  rpc_cli: 15
  passdb: 15
  sam: 15
  auth: 15
  winbind: 15
  vfs: 15
  idmap: 15
  quota: 15
  acls: 15
  locking: 15
  msdfs: 15
  dmapi: 15
  registry: 15
  scavenger: 15
  dns: 15
  ldb: 15
  tevent: 15
  auth_audit: 15
  auth_json_audit: 15
  kerberos: 15
  drs_repl: 15
  smb2: 15
  smb2_credits: 15
  dsdb_audit: 15
  dsdb_json_audit: 15
  dsdb_password_audit: 15
  dsdb_password_json_audit: 15
  dsdb_transaction_audit: 15
  dsdb_transaction_json_audit: 15
  dsdb_group_audit: 15
  dsdb_group_json_audit: 15
Processing section "[global]"
doing parameter workgroup = WORKGROUP
doing parameter server string = %h server (Samba, Ubuntu)
doing parameter log file = /var/log/samba/log.%m
doing parameter max log size = 1000
doing parameter logging = file
doing parameter panic action = /usr/share/samba/panic-action %d
doing parameter server role = standalone server
doing parameter obey pam restrictions = yes
doing parameter unix password sync = yes
doing parameter passwd program = /usr/bin/passwd %u
doing parameter passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
doing parameter pam password change = yes
doing parameter map to guest = bad user
doing parameter usershare allow guests = yes
pm_process() returned Yes
lp_servicenumber: couldn't find homes
added interface ens160 ip=x.y.z.t bcast=x.y.z.255 netmask=255.255.255.0
Client started (version 4.15.13-Ubuntu).
Opening cache file at /run/samba/gencache.tdb
tdb(/run/samba/gencache.tdb): tdb_open_ex: could not open file /run/samba/gencache.tdb: Permission denied
gencache_init: Opening user cache file /home/administrateur/.cache/samba/gencache.tdb.
sitename_fetch: No stored sitename for realm ''
internal_resolve_name: looking up myRemoteServer.myDOMAIN.lan#20 (sitename (null))
namecache_fetch: name myRemoteServer.myDOMAIN.lan#20 found.
remove_duplicate_addrs2: looking for duplicate address/port pairs
Connecting to x.y.z.138 at port 445
socket options: SO_KEEPALIVE=0, SO_REUSEADDR=0, SO_BROADCAST=0, TCP_NODELAY=1, TCP_KEEPCNT=9, TCP_KEEPIDLE=7200, TCP_KEEPINTVL=75, IPTOS_LOWDELAY=0, IPTOS_THROUGHPUT=0, SO_REUSEPORT=0, SO_SNDBUF=87040, SO_RCVBUF=131072, SO_SNDLOWAT=1, SO_RCVLOWAT=1, SO_SNDTIMEO=0, SO_RCVTIMEO=0, TCP_QUICKACK=1, TCP_DEFER_ACCEPT=0, TCP_USER_TIMEOUT=0
 session request ok
 negotiated dialect[SMB3_11] against server[myRemoteServer.myDOMAIN.lan]
cli_session_setup_spnego_send: Connect to myRemoteServer.myDOMAIN.lan as [email protected] using SPNEGO
GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'spnego' registered
GENSEC backend 'schannel' registered
GENSEC backend 'naclrpc_as_system' registered
GENSEC backend 'sasl-EXTERNAL' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'ntlmssp_resume_ccache' registered
GENSEC backend 'http_basic' registered
GENSEC backend 'http_ntlm' registered
GENSEC backend 'http_negotiate' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
Starting GENSEC mechanism spnego
Starting GENSEC submechanism gse_krb5
gensec_update_send: gse_krb5[0x5618cd09cc80]: subreq: 0x5618cd07fe30
gensec_update_send: spnego[0x5618cd0966d0]: subreq: 0x5618cd09afa0
gensec_update_done: gse_krb5[0x5618cd09cc80]: NT_STATUS_MORE_PROCESSING_REQUIRED tevent_req[0x5618cd07fe30/../../source3/librpc/crypto/gse.c:848]: state[2] error[0 (0x0)]  state[struct gensec_gse_update_state (0x5618cd07fff0)] timer[(nil)] finish[../../source3/librpc/crypto/gse.c:859]
gensec_update_done: spnego[0x5618cd0966d0]: NT_STATUS_MORE_PROCESSING_REQUIRED tevent_req[0x5618cd09afa0/../../auth/gensec/spnego.c:1631]: state[2] error[0 (0x0)]  state[struct gensec_spnego_update_state (0x5618cd09b160)] timer[(nil)] finish[../../auth/gensec/spnego.c:2116]
SPNEGO login failed: The attempted logon is invalid. This is either due to a bad username or authentication information.
session setup failed: NT_STATUS_LOGON_FAILURE
$

$ smbclient -k -d 15 -U [email protected] //myRemoteServer.myDOMAIN.lan/Extension_2
INFO: Current debug levels:
  all: 15
  tdb: 15
  printdrivers: 15
  lanman: 15
  smb: 15
  rpc_parse: 15
  rpc_srv: 15
  rpc_cli: 15
  passdb: 15
  sam: 15
  auth: 15
  winbind: 15
  vfs: 15
  idmap: 15
  quota: 15
  acls: 15
  locking: 15
  msdfs: 15
  dmapi: 15
  registry: 15
  scavenger: 15
  dns: 15
  ldb: 15
  tevent: 15
  auth_audit: 15
  auth_json_audit: 15
  kerberos: 15
  drs_repl: 15
  smb2: 15
  smb2_credits: 15
  dsdb_audit: 15
  dsdb_json_audit: 15
  dsdb_password_audit: 15
  dsdb_password_json_audit: 15
  dsdb_transaction_audit: 15
  dsdb_transaction_json_audit: 15
  dsdb_group_audit: 15
  dsdb_group_json_audit: 15
WARNING: The option -k|--kerberos is deprecated!
lp_load_ex: refreshing parameters
Initialising global parameters
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
INFO: Current debug levels:
  all: 15
  tdb: 15
  printdrivers: 15
  lanman: 15
  smb: 15
  rpc_parse: 15
  rpc_srv: 15
  rpc_cli: 15
  passdb: 15
  sam: 15
  auth: 15
  winbind: 15
  vfs: 15
  idmap: 15
  quota: 15
  acls: 15
  locking: 15
  msdfs: 15
  dmapi: 15
  registry: 15
  scavenger: 15
  dns: 15
  ldb: 15
  tevent: 15
  auth_audit: 15
  auth_json_audit: 15
  kerberos: 15
  drs_repl: 15
  smb2: 15
  smb2_credits: 15
  dsdb_audit: 15
  dsdb_json_audit: 15
  dsdb_password_audit: 15
  dsdb_password_json_audit: 15
  dsdb_transaction_audit: 15
  dsdb_transaction_json_audit: 15
  dsdb_group_audit: 15
  dsdb_group_json_audit: 15
Processing section "[global]"
doing parameter workgroup = WORKGROUP
doing parameter server string = %h server (Samba, Ubuntu)
doing parameter log file = /var/log/samba/log.%m
doing parameter max log size = 1000
doing parameter logging = file
doing parameter panic action = /usr/share/samba/panic-action %d
doing parameter server role = standalone server
doing parameter obey pam restrictions = yes
doing parameter unix password sync = yes
doing parameter passwd program = /usr/bin/passwd %u
doing parameter passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
doing parameter pam password change = yes
doing parameter map to guest = bad user
doing parameter usershare allow guests = yes
pm_process() returned Yes
lp_servicenumber: couldn't find homes
added interface ens160 ip=x.y.z.t bcast=x.y.z.255 netmask=255.255.255.0
Client started (version 4.15.13-Ubuntu).
Opening cache file at /run/samba/gencache.tdb
tdb(/run/samba/gencache.tdb): tdb_open_ex: could not open file /run/samba/gencache.tdb: Permission denied
gencache_init: Opening user cache file /home/administrateur/.cache/samba/gencache.tdb.
sitename_fetch: No stored sitename for realm ''
internal_resolve_name: looking up myRemoteServer.myDOMAIN.lan#20 (sitename (null))
namecache_fetch: name myRemoteServer.myDOMAIN.lan#20 found.
remove_duplicate_addrs2: looking for duplicate address/port pairs
Connecting to x.y.z.138 at port 445
socket options: SO_KEEPALIVE=0, SO_REUSEADDR=0, SO_BROADCAST=0, TCP_NODELAY=1, TCP_KEEPCNT=9, TCP_KEEPIDLE=7200, TCP_KEEPINTVL=75, IPTOS_LOWDELAY=0, IPTOS_THROUGHPUT=0, SO_REUSEPORT=0, SO_SNDBUF=87040, SO_RCVBUF=131072, SO_SNDLOWAT=1, SO_RCVLOWAT=1, SO_SNDTIMEO=0, SO_RCVTIMEO=0, TCP_QUICKACK=1, TCP_DEFER_ACCEPT=0, TCP_USER_TIMEOUT=0
 session request ok
 negotiated dialect[SMB3_11] against server[myRemoteServer.myDOMAIN.lan]
cli_session_setup_spnego_send: Connect to myRemoteServer.myDOMAIN.lan as [email protected] using SPNEGO
GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'spnego' registered
GENSEC backend 'schannel' registered
GENSEC backend 'naclrpc_as_system' registered
GENSEC backend 'sasl-EXTERNAL' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'ntlmssp_resume_ccache' registered
GENSEC backend 'http_basic' registered
GENSEC backend 'http_ntlm' registered
GENSEC backend 'http_negotiate' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
Starting GENSEC mechanism spnego
Starting GENSEC submechanism gse_krb5
gensec_update_send: gse_krb5[0x5618cd09cc80]: subreq: 0x5618cd07fe30
gensec_update_send: spnego[0x5618cd0966d0]: subreq: 0x5618cd09afa0
gensec_update_done: gse_krb5[0x5618cd09cc80]: NT_STATUS_MORE_PROCESSING_REQUIRED tevent_req[0x5618cd07fe30/../../source3/librpc/crypto/gse.c:848]: state[2] error[0 (0x0)]  state[struct gensec_gse_update_state (0x5618cd07fff0)] timer[(nil)] finish[../../source3/librpc/crypto/gse.c:859]
gensec_update_done: spnego[0x5618cd0966d0]: NT_STATUS_MORE_PROCESSING_REQUIRED tevent_req[0x5618cd09afa0/../../auth/gensec/spnego.c:1631]: state[2] error[0 (0x0)]  state[struct gensec_spnego_update_state (0x5618cd09b160)] timer[(nil)] finish[../../auth/gensec/spnego.c:2116]
SPNEGO login failed: The attempted logon is invalid. This is either due to a bad username or authentication information.
session setup failed: NT_STATUS_LOGON_FAILURE
$

And without the -U .... :

$ smbclient -k -d 15 //myRemoteServer.myDOMAIN.lan/Extension_2
INFO: Current debug levels:
  all: 15
  tdb: 15
  printdrivers: 15
  lanman: 15
  smb: 15
  rpc_parse: 15
  rpc_srv: 15
  rpc_cli: 15
  passdb: 15
  sam: 15
  auth: 15
  winbind: 15
  vfs: 15
  idmap: 15
  quota: 15
  acls: 15
  locking: 15
  msdfs: 15
  dmapi: 15
  registry: 15
  scavenger: 15
  dns: 15
  ldb: 15
  tevent: 15
  auth_audit: 15
  auth_json_audit: 15
  kerberos: 15
  drs_repl: 15
  smb2: 15
  smb2_credits: 15
  dsdb_audit: 15
  dsdb_json_audit: 15
  dsdb_password_audit: 15
  dsdb_password_json_audit: 15
  dsdb_transaction_audit: 15
  dsdb_transaction_json_audit: 15
  dsdb_group_audit: 15
  dsdb_group_json_audit: 15
WARNING: The option -k|--kerberos is deprecated!
lp_load_ex: refreshing parameters
Initialising global parameters
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
INFO: Current debug levels:
  all: 15
  tdb: 15
  printdrivers: 15
  lanman: 15
  smb: 15
  rpc_parse: 15
  rpc_srv: 15
  rpc_cli: 15
  passdb: 15
  sam: 15
  auth: 15
  winbind: 15
  vfs: 15
  idmap: 15
  quota: 15
  acls: 15
  locking: 15
  msdfs: 15
  dmapi: 15
  registry: 15
  scavenger: 15
  dns: 15
  ldb: 15
  tevent: 15
  auth_audit: 15
  auth_json_audit: 15
  kerberos: 15
  drs_repl: 15
  smb2: 15
  smb2_credits: 15
  dsdb_audit: 15
  dsdb_json_audit: 15
  dsdb_password_audit: 15
  dsdb_password_json_audit: 15
  dsdb_transaction_audit: 15
  dsdb_transaction_json_audit: 15
  dsdb_group_audit: 15
  dsdb_group_json_audit: 15
Processing section "[global]"
doing parameter workgroup = WORKGROUP
doing parameter server string = %h server (Samba, Ubuntu)
doing parameter log file = /var/log/samba/log.%m
doing parameter max log size = 1000
doing parameter logging = file
doing parameter panic action = /usr/share/samba/panic-action %d
doing parameter server role = standalone server
doing parameter obey pam restrictions = yes
doing parameter unix password sync = yes
doing parameter passwd program = /usr/bin/passwd %u
doing parameter passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
doing parameter pam password change = yes
doing parameter map to guest = bad user
doing parameter usershare allow guests = yes
pm_process() returned Yes
lp_servicenumber: couldn't find homes
added interface ens160 ip=x.y.z.246 bcast=x.y.z.255 netmask=255.255.255.0
Client started (version 4.15.13-Ubuntu).
Opening cache file at /run/samba/gencache.tdb
tdb(/run/samba/gencache.tdb): tdb_open_ex: could not open file /run/samba/gencache.tdb: Permission denied
gencache_init: Opening user cache file /home/administrateur/.cache/samba/gencache.tdb.
sitename_fetch: No stored sitename for realm ''
internal_resolve_name: looking up myRemoteServer.myDOMAIN.lan#20 (sitename (null))
namecache_fetch: name myRemoteServer.myDOMAIN.lan#20 found.
remove_duplicate_addrs2: looking for duplicate address/port pairs
Connecting to x.y.z.t at port 445
socket options: SO_KEEPALIVE=0, SO_REUSEADDR=0, SO_BROADCAST=0, TCP_NODELAY=1, TCP_KEEPCNT=9, TCP_KEEPIDLE=7200, TCP_KEEPINTVL=75, IPTOS_LOWDELAY=0, IPTOS_THROUGHPUT=0, SO_REUSEPORT=0, SO_SNDBUF=87040, SO_RCVBUF=131072, SO_SNDLOWAT=1, SO_RCVLOWAT=1, SO_SNDTIMEO=0, SO_RCVTIMEO=0, TCP_QUICKACK=1, TCP_DEFER_ACCEPT=0, TCP_USER_TIMEOUT=0
 session request ok
 negotiated dialect[SMB3_11] against server[myRemoteServer.myDOMAIN.lan]
cli_session_setup_spnego_send: Connect to myRemoteServer.myDOMAIN.lan as [email protected] using SPNEGO
GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'spnego' registered
GENSEC backend 'schannel' registered
GENSEC backend 'naclrpc_as_system' registered
GENSEC backend 'sasl-EXTERNAL' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'ntlmssp_resume_ccache' registered
GENSEC backend 'http_basic' registered
GENSEC backend 'http_ntlm' registered
GENSEC backend 'http_negotiate' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
Starting GENSEC mechanism spnego
Starting GENSEC submechanism gse_krb5
gensec_update_send: gse_krb5[0x55920886daf0]: subreq: 0x559208850e30
gensec_update_send: spnego[0x55920886a4f0]: subreq: 0x55920886be10
gensec_update_done: gse_krb5[0x55920886daf0]: NT_STATUS_MORE_PROCESSING_REQUIRED tevent_req[0x559208850e30/../../source3/librpc/crypto/gse.c:848]: state[2] error[0 (0x0)]  state[struct gensec_gse_update_state (0x559208850ff0)] timer[(nil)] finish[../../source3/librpc/crypto/gse.c:859]
gensec_update_done: spnego[0x55920886a4f0]: NT_STATUS_MORE_PROCESSING_REQUIRED tevent_req[0x55920886be10/../../auth/gensec/spnego.c:1631]: state[2] error[0 (0x0)]  state[struct gensec_spnego_update_state (0x55920886bfd0)] timer[(nil)] finish[../../auth/gensec/spnego.c:2116]
SPNEGO login failed: The attempted logon is invalid. This is either due to a bad username or authentication information.
session setup failed: NT_STATUS_LOGON_FAILURE
$

Added EDIT4

Source Link

edited Apr 10 at 10:13

SebMa

1.9k
2
25
38

EDIT4 : Tried in debug mode with smbclient -k -d 15 :

$ smbclient -k -d 15 -U [email protected] //myRemoteServer.myDOMAIN.lan/Extension_2```
INFO: Current debug levels:
  all: 15
  tdb: 15
  printdrivers: 15
  lanman: 15
  smb: 15
  rpc_parse: 15
  rpc_srv: 15
  rpc_cli: 15
  passdb: 15
  sam: 15
  auth: 15
  winbind: 15
  vfs: 15
  idmap: 15
  quota: 15
  acls: 15
  locking: 15
  msdfs: 15
  dmapi: 15
  registry: 15
  scavenger: 15
  dns: 15
  ldb: 15
  tevent: 15
  auth_audit: 15
  auth_json_audit: 15
  kerberos: 15
  drs_repl: 15
  smb2: 15
  smb2_credits: 15
  dsdb_audit: 15
  dsdb_json_audit: 15
  dsdb_password_audit: 15
  dsdb_password_json_audit: 15
  dsdb_transaction_audit: 15
  dsdb_transaction_json_audit: 15
  dsdb_group_audit: 15
  dsdb_group_json_audit: 15
WARNING: The option -k|--kerberos is deprecated!
lp_load_ex: refreshing parameters
Initialising global parameters
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
INFO: Current debug levels:
  all: 15
  tdb: 15
  printdrivers: 15
  lanman: 15
  smb: 15
  rpc_parse: 15
  rpc_srv: 15
  rpc_cli: 15
  passdb: 15
  sam: 15
  auth: 15
  winbind: 15
  vfs: 15
  idmap: 15
  quota: 15
  acls: 15
  locking: 15
  msdfs: 15
  dmapi: 15
  registry: 15
  scavenger: 15
  dns: 15
  ldb: 15
  tevent: 15
  auth_audit: 15
  auth_json_audit: 15
  kerberos: 15
  drs_repl: 15
  smb2: 15
  smb2_credits: 15
  dsdb_audit: 15
  dsdb_json_audit: 15
  dsdb_password_audit: 15
  dsdb_password_json_audit: 15
  dsdb_transaction_audit: 15
  dsdb_transaction_json_audit: 15
  dsdb_group_audit: 15
  dsdb_group_json_audit: 15
Processing section "[global]"
doing parameter workgroup = WORKGROUP
doing parameter server string = %h server (Samba, Ubuntu)
doing parameter log file = /var/log/samba/log.%m
doing parameter max log size = 1000
doing parameter logging = file
doing parameter panic action = /usr/share/samba/panic-action %d
doing parameter server role = standalone server
doing parameter obey pam restrictions = yes
doing parameter unix password sync = yes
doing parameter passwd program = /usr/bin/passwd %u
doing parameter passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
doing parameter pam password change = yes
doing parameter map to guest = bad user
doing parameter usershare allow guests = yes
pm_process() returned Yes
lp_servicenumber: couldn't find homes
added interface ens160 ip=x.y.z.t bcast=x.y.z.255 netmask=255.255.255.0
Client started (version 4.15.13-Ubuntu).
Opening cache file at /run/samba/gencache.tdb
tdb(/run/samba/gencache.tdb): tdb_open_ex: could not open file /run/samba/gencache.tdb: Permission denied
gencache_init: Opening user cache file /home/administrateur/.cache/samba/gencache.tdb.
sitename_fetch: No stored sitename for realm ''
internal_resolve_name: looking up myRemoteServer.myDOMAIN.lan#20 (sitename (null))
namecache_fetch: name myRemoteServer.myDOMAIN.lan#20 found.
remove_duplicate_addrs2: looking for duplicate address/port pairs
Connecting to x.y.z.138 at port 445
socket options: SO_KEEPALIVE=0, SO_REUSEADDR=0, SO_BROADCAST=0, TCP_NODELAY=1, TCP_KEEPCNT=9, TCP_KEEPIDLE=7200, TCP_KEEPINTVL=75, IPTOS_LOWDELAY=0, IPTOS_THROUGHPUT=0, SO_REUSEPORT=0, SO_SNDBUF=87040, SO_RCVBUF=131072, SO_SNDLOWAT=1, SO_RCVLOWAT=1, SO_SNDTIMEO=0, SO_RCVTIMEO=0, TCP_QUICKACK=1, TCP_DEFER_ACCEPT=0, TCP_USER_TIMEOUT=0
 session request ok
 negotiated dialect[SMB3_11] against server[myRemoteServer.myDOMAIN.lan]
cli_session_setup_spnego_send: Connect to myRemoteServer.myDOMAIN.lan as [email protected] using SPNEGO
GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'spnego' registered
GENSEC backend 'schannel' registered
GENSEC backend 'naclrpc_as_system' registered
GENSEC backend 'sasl-EXTERNAL' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'ntlmssp_resume_ccache' registered
GENSEC backend 'http_basic' registered
GENSEC backend 'http_ntlm' registered
GENSEC backend 'http_negotiate' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
Starting GENSEC mechanism spnego
Starting GENSEC submechanism gse_krb5
gensec_update_send: gse_krb5[0x5618cd09cc80]: subreq: 0x5618cd07fe30
gensec_update_send: spnego[0x5618cd0966d0]: subreq: 0x5618cd09afa0
gensec_update_done: gse_krb5[0x5618cd09cc80]: NT_STATUS_MORE_PROCESSING_REQUIRED tevent_req[0x5618cd07fe30/../../source3/librpc/crypto/gse.c:848]: state[2] error[0 (0x0)]  state[struct gensec_gse_update_state (0x5618cd07fff0)] timer[(nil)] finish[../../source3/librpc/crypto/gse.c:859]
gensec_update_done: spnego[0x5618cd0966d0]: NT_STATUS_MORE_PROCESSING_REQUIRED tevent_req[0x5618cd09afa0/../../auth/gensec/spnego.c:1631]: state[2] error[0 (0x0)]  state[struct gensec_spnego_update_state (0x5618cd09b160)] timer[(nil)] finish[../../auth/gensec/spnego.c:2116]
SPNEGO login failed: The attempted logon is invalid. This is either due to a bad username or authentication information.
session setup failed: NT_STATUS_LOGON_FAILURE
$

EDIT4 : Tried in debug mode with smbclient -k -d 15 :

$ smbclient -k -d 15 -U [email protected] //myRemoteServer.myDOMAIN.lan/Extension_2```
INFO: Current debug levels:
  all: 15
  tdb: 15
  printdrivers: 15
  lanman: 15
  smb: 15
  rpc_parse: 15
  rpc_srv: 15
  rpc_cli: 15
  passdb: 15
  sam: 15
  auth: 15
  winbind: 15
  vfs: 15
  idmap: 15
  quota: 15
  acls: 15
  locking: 15
  msdfs: 15
  dmapi: 15
  registry: 15
  scavenger: 15
  dns: 15
  ldb: 15
  tevent: 15
  auth_audit: 15
  auth_json_audit: 15
  kerberos: 15
  drs_repl: 15
  smb2: 15
  smb2_credits: 15
  dsdb_audit: 15
  dsdb_json_audit: 15
  dsdb_password_audit: 15
  dsdb_password_json_audit: 15
  dsdb_transaction_audit: 15
  dsdb_transaction_json_audit: 15
  dsdb_group_audit: 15
  dsdb_group_json_audit: 15
WARNING: The option -k|--kerberos is deprecated!
lp_load_ex: refreshing parameters
Initialising global parameters
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
INFO: Current debug levels:
  all: 15
  tdb: 15
  printdrivers: 15
  lanman: 15
  smb: 15
  rpc_parse: 15
  rpc_srv: 15
  rpc_cli: 15
  passdb: 15
  sam: 15
  auth: 15
  winbind: 15
  vfs: 15
  idmap: 15
  quota: 15
  acls: 15
  locking: 15
  msdfs: 15
  dmapi: 15
  registry: 15
  scavenger: 15
  dns: 15
  ldb: 15
  tevent: 15
  auth_audit: 15
  auth_json_audit: 15
  kerberos: 15
  drs_repl: 15
  smb2: 15
  smb2_credits: 15
  dsdb_audit: 15
  dsdb_json_audit: 15
  dsdb_password_audit: 15
  dsdb_password_json_audit: 15
  dsdb_transaction_audit: 15
  dsdb_transaction_json_audit: 15
  dsdb_group_audit: 15
  dsdb_group_json_audit: 15
Processing section "[global]"
doing parameter workgroup = WORKGROUP
doing parameter server string = %h server (Samba, Ubuntu)
doing parameter log file = /var/log/samba/log.%m
doing parameter max log size = 1000
doing parameter logging = file
doing parameter panic action = /usr/share/samba/panic-action %d
doing parameter server role = standalone server
doing parameter obey pam restrictions = yes
doing parameter unix password sync = yes
doing parameter passwd program = /usr/bin/passwd %u
doing parameter passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
doing parameter pam password change = yes
doing parameter map to guest = bad user
doing parameter usershare allow guests = yes
pm_process() returned Yes
lp_servicenumber: couldn't find homes
added interface ens160 ip=x.y.z.t bcast=x.y.z.255 netmask=255.255.255.0
Client started (version 4.15.13-Ubuntu).
Opening cache file at /run/samba/gencache.tdb
tdb(/run/samba/gencache.tdb): tdb_open_ex: could not open file /run/samba/gencache.tdb: Permission denied
gencache_init: Opening user cache file /home/administrateur/.cache/samba/gencache.tdb.
sitename_fetch: No stored sitename for realm ''
internal_resolve_name: looking up myRemoteServer.myDOMAIN.lan#20 (sitename (null))
namecache_fetch: name myRemoteServer.myDOMAIN.lan#20 found.
remove_duplicate_addrs2: looking for duplicate address/port pairs
Connecting to x.y.z.138 at port 445
socket options: SO_KEEPALIVE=0, SO_REUSEADDR=0, SO_BROADCAST=0, TCP_NODELAY=1, TCP_KEEPCNT=9, TCP_KEEPIDLE=7200, TCP_KEEPINTVL=75, IPTOS_LOWDELAY=0, IPTOS_THROUGHPUT=0, SO_REUSEPORT=0, SO_SNDBUF=87040, SO_RCVBUF=131072, SO_SNDLOWAT=1, SO_RCVLOWAT=1, SO_SNDTIMEO=0, SO_RCVTIMEO=0, TCP_QUICKACK=1, TCP_DEFER_ACCEPT=0, TCP_USER_TIMEOUT=0
 session request ok
 negotiated dialect[SMB3_11] against server[myRemoteServer.myDOMAIN.lan]
cli_session_setup_spnego_send: Connect to myRemoteServer.myDOMAIN.lan as [email protected] using SPNEGO
GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'spnego' registered
GENSEC backend 'schannel' registered
GENSEC backend 'naclrpc_as_system' registered
GENSEC backend 'sasl-EXTERNAL' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'ntlmssp_resume_ccache' registered
GENSEC backend 'http_basic' registered
GENSEC backend 'http_ntlm' registered
GENSEC backend 'http_negotiate' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
Starting GENSEC mechanism spnego
Starting GENSEC submechanism gse_krb5
gensec_update_send: gse_krb5[0x5618cd09cc80]: subreq: 0x5618cd07fe30
gensec_update_send: spnego[0x5618cd0966d0]: subreq: 0x5618cd09afa0
gensec_update_done: gse_krb5[0x5618cd09cc80]: NT_STATUS_MORE_PROCESSING_REQUIRED tevent_req[0x5618cd07fe30/../../source3/librpc/crypto/gse.c:848]: state[2] error[0 (0x0)]  state[struct gensec_gse_update_state (0x5618cd07fff0)] timer[(nil)] finish[../../source3/librpc/crypto/gse.c:859]
gensec_update_done: spnego[0x5618cd0966d0]: NT_STATUS_MORE_PROCESSING_REQUIRED tevent_req[0x5618cd09afa0/../../auth/gensec/spnego.c:1631]: state[2] error[0 (0x0)]  state[struct gensec_spnego_update_state (0x5618cd09b160)] timer[(nil)] finish[../../auth/gensec/spnego.c:2116]
SPNEGO login failed: The attempted logon is invalid. This is either due to a bad username or authentication information.
session setup failed: NT_STATUS_LOGON_FAILURE
$

Updated EDIT3.

Source Link

edited Apr 10 at 10:02

SebMa

1.9k
2
25
38

$ sudo mount.cifs "//myRemoteServer.myDOMAIN.lan/Extension_2" /mnt/remoteShare/ --verbose -r -o [email protected],vers=3,sec=krb5i
mount.cifs kernel mount options: ip=x.y.z.t1,unc=\\myRemoteServer.myDOMAIN.lan\Extension_2,vers=3,sec=krb5i,[email protected],pass=********
mount.cifs kernel mount options: ip=x.y.z.t1,unc=\\myRemoteServer.myDOMAIN.lan\Extension_2,vers=3,sec=krb5i,cruid=1000,[email protected],pass=********
mount error(13): Permission denied
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) and kernel log messages (dmesg)
$ echo $?
32
$ dmesg -T | tail
[Tue Apr  9 19:10:02 2024] CIFS: VFS: \\PAR-ADN-SYN02\\myRemoteServer.ORIONmyDOMAIN.lan Send error in SessSetup = -13
[Tue Apr  9 19:10:02 2024] CIFS: VFS: cifs_mount failed w/return code = -13
[Tue Apr  9 19:10:20 2024] CIFS: Attempting to mount \\PAR-ADN-SYN02\\myRemoteServer.ORIONmyDOMAIN.lan\Extension_2
[Tue Apr  9 19:10:20 2024] CIFS: VFS: Verify user has a krb5 ticket and keyutils is installed
[Tue Apr  9 19:10:20 2024] CIFS: VFS: \\PAR-ADN-SYN02\\myRemoteServer.ORIONmyDOMAIN.lan Send error in SessSetup = -126
[Tue Apr  9 19:10:20 2024] CIFS: VFS: cifs_mount failed w/return code = -126
[Tue Apr  9 19:10:20 2024] CIFS: Attempting to mount \\PAR-ADN-SYN02\\myRemoteServer.ORIONmyDOMAIN.lan\Extension_2
[Tue Apr  9 19:10:20 2024] CIFS: Status code returned 0xc000006d STATUS_LOGON_FAILURE
[Tue Apr  9 19:10:20 2024] CIFS: VFS: \\PAR-ADN-SYN02\\myRemoteServer.ORIONmyDOMAIN.lan Send error in SessSetup = -13
[Tue Apr  9 19:10:20 2024] CIFS: VFS: cifs_mount failed w/return code = -13
$

$ smbclient -k -U [email protected] //x.ymyRemoteServer.zmyDOMAIN.t1lan/Extension_2
WARNING: The option -k|--kerberos is deprecated!
Kerberos auth with '[email protected]' (\[email protected]) to access 'x.y.z.t1' not possible
session setup failed: NT_STATUS_ACCESS_DENIED
$

$ sudo mount.cifs "//myRemoteServer.myDOMAIN.lan/Extension_2" /mnt/remoteShare/ --verbose -r -o [email protected],vers=3,sec=krb5i
mount.cifs kernel mount options: ip=x.y.z.t1,unc=\\myRemoteServer.myDOMAIN.lan\Extension_2,vers=3,sec=krb5i,[email protected],pass=********
mount.cifs kernel mount options: ip=x.y.z.t1,unc=\\myRemoteServer.myDOMAIN.lan\Extension_2,vers=3,sec=krb5i,cruid=1000,[email protected],pass=********
mount error(13): Permission denied
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) and kernel log messages (dmesg)
$ echo $?
32
$ dmesg -T | tail
[Tue Apr  9 19:10:02 2024] CIFS: VFS: \\PAR-ADN-SYN02.ORION.lan Send error in SessSetup = -13
[Tue Apr  9 19:10:02 2024] CIFS: VFS: cifs_mount failed w/return code = -13
[Tue Apr  9 19:10:20 2024] CIFS: Attempting to mount \\PAR-ADN-SYN02.ORION.lan\Extension_2
[Tue Apr  9 19:10:20 2024] CIFS: VFS: Verify user has a krb5 ticket and keyutils is installed
[Tue Apr  9 19:10:20 2024] CIFS: VFS: \\PAR-ADN-SYN02.ORION.lan Send error in SessSetup = -126
[Tue Apr  9 19:10:20 2024] CIFS: VFS: cifs_mount failed w/return code = -126
[Tue Apr  9 19:10:20 2024] CIFS: Attempting to mount \\PAR-ADN-SYN02.ORION.lan\Extension_2
[Tue Apr  9 19:10:20 2024] CIFS: Status code returned 0xc000006d STATUS_LOGON_FAILURE
[Tue Apr  9 19:10:20 2024] CIFS: VFS: \\PAR-ADN-SYN02.ORION.lan Send error in SessSetup = -13
[Tue Apr  9 19:10:20 2024] CIFS: VFS: cifs_mount failed w/return code = -13
$

$ smbclient -U [email protected] //x.y.z.t1/Extension_2
WARNING: The option -k|--kerberos is deprecated!
Kerberos auth with '[email protected]' (\[email protected]) to access 'x.y.z.t1' not possible
session setup failed: NT_STATUS_ACCESS_DENIED
$

$ sudo mount.cifs "//myRemoteServer.myDOMAIN.lan/Extension_2" /mnt/remoteShare/ --verbose -r -o [email protected],vers=3,sec=krb5i
mount.cifs kernel mount options: ip=x.y.z.t1,unc=\\myRemoteServer.myDOMAIN.lan\Extension_2,vers=3,sec=krb5i,[email protected],pass=********
mount.cifs kernel mount options: ip=x.y.z.t1,unc=\\myRemoteServer.myDOMAIN.lan\Extension_2,vers=3,sec=krb5i,cruid=1000,[email protected],pass=********
mount error(13): Permission denied
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) and kernel log messages (dmesg)
$ echo $?
32
$ dmesg -T | tail
[Tue Apr  9 19:10:02 2024] CIFS: VFS: \\myRemoteServer.myDOMAIN.lan Send error in SessSetup = -13
[Tue Apr  9 19:10:02 2024] CIFS: VFS: cifs_mount failed w/return code = -13
[Tue Apr  9 19:10:20 2024] CIFS: Attempting to mount \\myRemoteServer.myDOMAIN.lan\Extension_2
[Tue Apr  9 19:10:20 2024] CIFS: VFS: Verify user has a krb5 ticket and keyutils is installed
[Tue Apr  9 19:10:20 2024] CIFS: VFS: \\myRemoteServer.myDOMAIN.lan Send error in SessSetup = -126
[Tue Apr  9 19:10:20 2024] CIFS: VFS: cifs_mount failed w/return code = -126
[Tue Apr  9 19:10:20 2024] CIFS: Attempting to mount \\myRemoteServer.myDOMAIN.lan\Extension_2
[Tue Apr  9 19:10:20 2024] CIFS: Status code returned 0xc000006d STATUS_LOGON_FAILURE
[Tue Apr  9 19:10:20 2024] CIFS: VFS: \\myRemoteServer.myDOMAIN.lan Send error in SessSetup = -13
[Tue Apr  9 19:10:20 2024] CIFS: VFS: cifs_mount failed w/return code = -13
$

$ smbclient -k -U [email protected] //myRemoteServer.myDOMAIN.lan/Extension_2
WARNING: The option -k|--kerberos is deprecated!
session setup failed: NT_STATUS_ACCESS_DENIED
$

Added EDIT3

Source Link

edited Apr 10 at 8:20

SebMa

1.9k
2
25
38

Loading

Added EDIT2

Source Link

edited Apr 9 at 17:06

SebMa

1.9k
2
25
38

Loading

Added EDIT1

Source Link

edited Apr 9 at 16:53

SebMa

1.9k
2
25
38

Loading

Added EDIT0

Source Link

edited Apr 9 at 16:37

SebMa

1.9k
2
25
38

Loading

deleted 17 characters in body

Source Link

edited Apr 9 at 12:40

SebMa

1.9k
2
25
38

Loading

Source Link

asked Apr 9 at 9:52

SebMa

1.9k
2
25
38

Loading

Stack Exchange Network

Return to Question