Expand all | Collapse all

SMB authentication error with domain account

  • 1.  SMB authentication error with domain account

    Posted Tue June 02, 2020 05:55 AM

    I am using SIQ v to scan CIFS shares. The process working until there was a migration on the servers hosting the shares, and now I can't connect on them. Originally there were some connectivity issues as I was getting Unable to connect to domain controller errors, but I think those are resolved now. I am still getting Unexpected exception: nt_create_andx failed errcode=4 in the DS web UI though.

    I enabled debug mode on SMB and I checked the siqsmb0.out log. There I found the following trace:

    [2020-06-02 12:30:50,133] WARN [-1574987261@qtp-275832707-0] storediq.siqcifs.httpserver.httpcommands.ReadDirectoryCommand [readDirectory] exception error reading directory: [authentication failed [share: #<SmbShareInfo :server-name XXXXX :share-name FILE_SHARE$ :user-name XXXXXX>]]
    [2020-06-02 12:30:50,133] DEBUG [-1574987261@qtp-275832707-0] storediq.siqcifs.httpserver.httpcommands.ReadDirectoryCommand [readDirectory] stacktrace:
    storediq.siqcifs.exceptions.SmbAuthenticationException: authentication failed [share: #<SmbShareInfo :server-name XXXXX :share-name FILE_SHARE$ :user-name XXXXXX>]
    at storediq.siqcifs.exceptions.SmbExceptionFactory.convertException( ~[siqsmb-1.0.2.jar:?]​

    I also found these messages:

    [2020-06-02 12:30:49,042] DEBUG [-1574987261@qtp-275832707-0] jcifs.smb.SmbTransportImpl Got referral DfsReferralData[pathConsumed=0,server=vfie-legacy.local,share=null,link=null,path=null,ttl=0,expiration=1591090549035,remain=299993]
    [2020-06-02 12:30:49,042] DEBUG [-1574987261@qtp-275832707-0] jcifs.smb.SmbTreeImpl Usage dropped to zero, release session
    [2020-06-02 12:30:49,042] DEBUG [-1574987261@qtp-275832707-0] jcifs.smb.SmbSessionImpl Usage dropped to zero, release connection Transport1[DNS_NAME/DNS_IP:445,state=3,signingEnforced=true,usage=2]
    [2020-06-02 12:30:49,042] DEBUG [-1574987261@qtp-275832707-0] jcifs.smb.SmbTransportPoolImpl New transport connection Transport2[<00>/SHARE_IP:445,state=0,signingEnforced=false,usage=1]
    [2020-06-02 12:30:49,043] DEBUG [-1574987261@qtp-275832707-0] jcifs.util.transport.Transport Connecting Transport2
    [2020-06-02 12:30:49,043] DEBUG [Transport2] jcifs.smb.SmbTransportImpl Connecting in state 1 addr SHARE_IP
    [2020-06-02 12:30:49,048] DEBUG [Transport2] jcifs.smb.SmbTransportImpl Negotiation response on Transport2 :Smb2NegotiateResponse[command=SMB2_NEGOTIATE,status=0,flags=0x0001,mid=1,wordCount=0,byteCount=0,dialectRevision=514,securityMode=0x1,capabilities=0x00000001,serverTime=Tue Jun 02 12:30:49 EEST 2020
    [2020-06-02 12:30:49,048] DEBUG [Transport2] jcifs.smb.SmbTransportImpl Signature negotiation enforced false (server false) enabled true (server true)
    [2020-06-02 12:30:49,048] DEBUG [-1574987261@qtp-275832707-0] jcifs.smb.SmbTransportImpl Establishing new session SmbSession[credentials=DOMAIN\Username,targetHost=SHARE_IP,targetDomain=null,uid=0,connectionState=0,usage=1] on Transport2
    [2020-06-02 12:30:49,048] DEBUG [-1574987261@qtp-275832707-0] jcifs.smb.SmbTreeConnection Signatures for file enabled but not required jcifs.smb.SmbTreeConnection@97d361ad
    [2020-06-02 12:30:49,048] DEBUG [-1574987261@qtp-275832707-0] jcifs.smb.SmbTreeImpl treeConnect: unc=\\SHARE_IP\FILE_SHARE$,service=?????
    [2020-06-02 12:30:49,049] DEBUG [-1574987261@qtp-275832707-0] jcifs.smb.SmbSessionImpl sessionSetup: DOMAIN\Username
    [2020-06-02 12:30:49,049] DEBUG [-1574987261@qtp-275832707-0] jcifs.smb.SmbSessionImpl Remote host is SHARE_IP
    [2020-06-02 12:30:49,051] DEBUG [-1574987261@qtp-275832707-0] jcifs.smb.SmbTransportImpl Breaking on error command=SMB2_SESSION_SETUP,status=More data is available.,flags=0x0001,mid=2,wordCount=0,byteCount=0
    [2020-06-02 12:30:49,901] DEBUG [-1574987261@qtp-275832707-0] jcifs.smb.SmbTransportImpl Insufficient credits, send only first command=SMB2_SESSION_SETUP,status=0,flags=0x0000,mid=0,wordCount=0,byteCount=0 next is command=SMB2_TREE_CONNECT,status=0,flags=0x0000,mid=0,wordCount=0,byteCount=0
    [2020-06-02 12:30:50,042] DEBUG [-1574987261@qtp-275832707-0] jcifs.smb.SmbSessionImpl Context is established
    [2020-06-02 12:30:50,042] DEBUG [-1574987261@qtp-275832707-0] jcifs.smb.SmbTreeConnection Switching tree
    [2020-06-02 12:30:50,043] DEBUG [-1574987261@qtp-275832707-0] jcifs.smb.SmbTreeConnection Acquired tree on switch SmbTree[share=FILE_SHARE$,service=null,tid=1,inDfs=false,inDomainDfs=false,connectionState=2,usage=2]
    [2020-06-02 12:30:50,044] DEBUG [-1574987261@qtp-275832707-0] jcifs.smb.SmbTreeConnection Tree connection no longer in use, release tree SmbTree[share=FILE_SHARE$,service=null,tid=1,inDfs=false,inDomainDfs=false,connectionState=2,usage=2]
    [2020-06-02 12:30:50,044] DEBUG [-1574987261@qtp-275832707-0] jcifs.smb.SmbTreeImpl Usage dropped to zero, release session​
     I am not sure where the problem is. Is there still a problem with domain account resolution and that's why I get the authentication failed error? Or is something else I should check?

    Best regards,

    George Katsouris

  • 2.  RE: SMB authentication error with domain account

    Posted Tue June 02, 2020 06:07 AM
    Hi, your version very old, I suggest you switch to the new version 7.6.21.


    Please look jcifs.smb.client.enableSMB2 patameters in knowledge center.

    Best Regards,

    Gökhan ORHON
    IT Manager

  • 3.  RE: SMB authentication error with domain account

    Posted Tue June 02, 2020 06:19 AM
    Hi Gokhan,

    Indeed, our version is a bit old and we may need an upgrade but the weird thing is that up until the file server migration it was working fine. Also, the servers didn't change OS version, they were just moved to a different domain, so there shouldn't be a compatibility issue.

    I will have a look on the SMB2 parameters as per your suggestion, thank you.

    Best regards,

    George Katsouris

  • 4.  RE: SMB authentication error with domain account

    Posted Tue June 02, 2020 08:51 AM
    I tried different parameters in the, but the same issue persists. I even tried disabling SMB2 and using only SMB1 but I had no luck with that. Is there any other way I can check the communication, to find the breakpoint?


    George Katsouris