Server 2008/Windows 7/Samba Unspecified error 80004005

7

I have a Samba share on a LAN with 2008 PDC/DNS. Smb authenticates with AD and I have several Win7 Machines that can connect fine.

I recently added a couple of new computers to the LAN which were imaged the same way (same software, etc.; different hardware so different drivers) as the other machines and they have the same policies set.

I can not get the new machines to connect to the samba share no matter what. I am always met with either Unspecified Error 0x80004005 or Network Path not found.

I've turned off the firewall; set LANMAN auth to respond to NTLM only/send LM & NTLM responses/use NTLM session security if negotiated in Local Sec Policy > SEcurity Options; tried both ip and hostname to connect.

SMB log shows that authentication succeeds; but then connection is immediately killed by the client.

tcpdump shows nothing remarkable except that when trying to connect from the client via hostname there is an unknown packet type error:

ack 201 win 255 NBT Session Packet: Unknown packet type 0xABData: (41 bytes)

Here's a couple of lines from that error:

11:18:37.964991 IP 001-client.domain.local.49372 > smb.domain.local.netbios-ssn: P 1670:2146(476) ack 201 win 255 NBT Session Packet: Unknown packet type 0xABData: (41 bytes)
[000] AA 46 96 FA D5 99 33 75  0C C4 20 CE 26 42 F3 61  \252F\226\372\325\2313u \014\304 \316&B\363a
[010] F0 8C FB 65 18 17 40 A5  DB 42 BB 94 37 53 92 EC  \360\214\373e\030\027@\245 \333B\273\2247S\222\354
[020] 55 98 7F C4 AE 3D 6B 10  C4                       U\230\177\304\256=k\020 \304

11:18:37.964998 IP smb.domain.local.netbios-ssn > 001-client.domain.local.49372: . ack 2146 win 100

[edit for strike: this turned out to be an issue with arp cache and the client being issued an old ip from dhcp that previously belonged to another machine]

I'm also getting this error consistently:

[2012/09/10 11:50:00.529650,  2] smbd/sesssetup.c:1413(setup_new_vc_session)
  setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.

Here's smb.conf just in case (though don't see how if other machines are working fine):

[global]
    workgroup = MYDOMAIN
    realm = MYDOMAIN.LOCAL
    server string = domain|smb share
    interfaces = eth1
    security = ADS
    password server = 192.168.1.3
    log level = 2
    log file = /var/log/samba/%m.log
    smb ports = 139
    strict locking = no
    load printers = No
    local master = No
    domain master = No
    wins server = 192.168.1.3
    wins support = Yes
    idmap uid = 500-10000000
    idmap gid = 500-10000000
    winbind separator = +
    winbind enum users = Yes
    winbind enum groups = Yes
    winbind use default domain = Yes

[samba-share1]
    comment = SMB Share
    path = /home/share/smb/
    valid users = @"MYDOMAIN+Domain Users"
    admin users = @"MYDOMAIN+Domain Admins"
    guest ok = no
    read only = No
    create mask = 0765
    force directory mode = 0777

Any ideas what else I could try or look for? Or what might be the problem?

Thanks.


Update 1

Noticed on the other machines that Local Security Policy > LAN Manager authentication level was Not Defined. There is no way to set it as such through the LSP editor, so had to go into regedit and delete HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\lmcompatibilitylevel

However, this didn't solve the issue. Am now met with Accessing the resource '\\smb\share' has been disallowed. or Unspecified Error depending on who I'm logged in as (regular user == former; admin == latter)


Update 2

It's incredibly frustrating when you ask a question on SF and in the interim keep searching for answers only to find a couple of hours later your own question is repeatedly the first google result ;)


Update 3

I ran Wireshark on the client, and so far as I can tell everything on the Samba end is working correctly. I see in a Negotiate Protocol Request an NT Status of STATUS_SUCCESS (which may very well be the authentication success, but don't know).

Everything is pointing to an issue on the Client itself. On other machines, everything works as expected. Including a VM running on my box. It works using both admin and regular user credentials.

NB the client I'm trying to get this working on has Firewall off and no a/v etc for the time being while trying to work this out.

I've updated the NIC driver and there is only 1 iface available. DNS is working and I've matched up all the settings I can find to the working VM and other working machines.

Getting desperate so any ideas would be awesome.

windows-server-2008
windows-7
samba
asked on Server Fault Sep 10, 2012 by stormdrain • edited Sep 10, 2012 by stormdrain

6 Answers

5

So the issue seems to have been that secpol was set to Digitally Sign Communications (Always).

To fix: Secpol.msc > Local Policies > Security Options > Microsoft network client: Digitally sign communications (always) => Disable

Thanks.

edit:

as the-wabbit said, it is better to update samba to handle the requirement rather than disable it so as to maintain security.

answered on Server Fault Sep 11, 2012 by stormdrain • edited Apr 27, 2017 by stormdrain
5

Try to to enable only SMB 2 or 3 on server or just on windows client. In the registry set value on 1 for: AllowInsecureGuestAuth in key: HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters\

answered on Server Fault Mar 5, 2019 by Grzegorz Bednarski • edited Jul 4, 2020 by George
3

If the Samba server runs SMBv1, then new machines with Win10 have a problem, since they're missing the SMBv1 client function. To enable that function, follow this guide from windowscentral.com:

  1. Open Control Panel (the good old one, not the "touch" version)
  2. Click on Programs.
  3. Click on Turn Windows features on or off link.
  4. Expand the SMB 1.0/CIFS File Sharing Support option.
  5. Check the SMB 1.0/CIFS Client option.
  6. Click the OK button.
  7. Click the Restart now button (restart is really needed since it needs to install the function when turning off the computer)
answered on Server Fault Aug 6, 2018 by Martin Pecka
2

Set the following registry value to 1

HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters\AllowInsecureGuestAuth

If its not there create the value as a DWORD

answered on Server Fault Nov 5, 2018 by diman82
1

I got 0x80004005 permission error:

enter image description here

for another reason I have no active Client for Microsoft Networks in my WiFi dangle Network panel and:

  • Change Network security: LAN Manager Authentication Level to “Send LM & NTLM responses”
  • Change Minimum Session Security for NTLM SSP to disable “Require 128-bit encryption” into “No Minimum Security”.

and possibly:

answered on Server Fault Mar 18, 2014 by gavenkoa
0

In my case this was caused by the server's firewall allowing TCP port 139, but blocking port 445. It seems that Windows 10 always uses port 445, not 139.

answered on Server Fault Jan 30, 2020 by qris

User contributions licensed under CC BY-SA 3.0