[Info-vax] CIFS trust handshake intermittent

Rod Regier rregier at dymaxion.ca
Thu Feb 25 13:31:52 EST 2016 

My organization's HP CIFS (SAMBA) server users are intermittently 
encountering password prompting when creating access to shares 
via a BAT file with NET USE commands.

My speculation is that some "X-factor" on the LAN or Windows primary domain controller is causing this issue.  If it's a factor external to CIFS (SAMBA) and OpenVMS, HP support is going to be less helpful in reaching a resolution, thus my posting here.

Any ideas for resolution or further investigation?

Thanks

Background:

[extract] 

echo [ creating OpenVMS server drive mappings ]
net use r: \\dyma\r
net use s: \\dyma\s
net use q: \\dyma\q

This prompting doesn't happen when the trust relationship between
CIFS and the Primary Domain Controller is working properly.

Executing a NET RPC TESTJOIN on the CIFS (SAMBA) server
resolves the underlying fault issue.
Re-run of the same PC workstation batch file then works ok.

                 \\

We are not aware of any changes to the SAMBA binaries,
control files, OpenVMS/ALpha O/S or the TCPIP Services for OpenVMS products
that would impact on this issue.

   - OpenVMS/Alpha version 8.4
     - O/S patch level
       - DEC AXPVMS VMS84A_DRIVER V3.0
       - DEC AXPVMS VMS84A_LAN V2.0
       - DEC AXPVMS VMS84A_RMS V5.0
       - DEC AXPVMS VMS84A_SYS V6.0
       - DEC AXPVMS VMS84A_UPDATE V10.0
       - Update V11 pending install
   - OpenVMS SAMBA V1.2-010-PS02_1
     - SAMBA patch level - no known higher
   - TCPIP Services for OpenVMS
     - Version V5.7 - ECO 5
       - DEC AXPVMS TELNET_PAT V5.7-13ECO5A

SMB.CONF:

# See http://wiki/dymax/CIFS_distribution_repositories
# and DYM$EXTRA:[HPPRODUCTS.CIFS.ALPV11ECO1]*releasenotes.txt for
# supplementary documentation for the following settings.

# Global parameters
[global]
#
#  Disable master browser heartbeat
#
        domain master = no
        local master = no
        preferred master = no
        os level = 0
#
#       Server 2008R2 and above crypto enable
#
        require strongkey = yes
#
        server string = Samba %v running on %h (OpenVMS)
        workgroup = WILMA
        netbios name = %h
        security = DOMAIN
        encrypt passwords = Yes
        name resolve order = lmhosts host wins bcast
        Password server = *
        log file = /samba$log/log.%m
        printcap name = /sys$manager/ucx$printcap.dat
        guest account = DYMAX
        print command = print %f/queue=%p/delete/passall/name="""""%s"""""
        lprm command = delete/entry=%j
        map archive = No
        printing = OpenVMS
#        log level = 10
#
#CIFS Adm Gde 1.1 p.27
#
        vfs objects = varvfc
#
# protection defaulting
# -  CIFS Rel Nts 1.1E1 p.11-PS010 explains the meaning of the
#    following settings.
#
                create mask = 07777
                force create mode = 06770
                directory mask = 07777
                force directory mode = 06770
#
# ECO1 PS006 case 3606126938 16:51 Atl Ed Orr suggestion
#
#PS010        inherit owner = no
#
# ECO1 PS006 case 3606229568 10-Jun-2009 18:41 Atl Paul Nunez suggestion
# for MS OFFICE WORD 2003/2007 and similar application file creations 
# that force their own security settings rather than 
# depend on the server defaults
#
                security mask = 07777
                force security mode = 06770
                directory security mask = 07777
                force directory security mode = 06770
[Q]
        Comment = I64 Application shared tree and OS
        path = /DYM$SYS_V/000000
        read only = No
        guest ok = Yes
#
#CIFS Rel Nts 1.1E1 p.11 (stream* and Streamlf are the supported values)
#
        vms rms format = stream
[R]
        comment = alternate application data store
        path = /DYM$EXTRA/000000
        read only = No
        guest ok = Yes
#
#CIFS Rel Nts 1.1E1 p.11 (stream* and Streamlf are the supported values)
#
        vms rms format = stream
[S]
        comment = Alpha Application shared tree and OS
        path = /dym$disk/000000
        read only = No
        guest ok = Yes
#
#CIFS Rel Nts 1.1E1 p.11 (stream* and Streamlf are the supported values)
#
        vms rms format = stream
[QL]
        Comment = I64 Application shared tree and OS (stream LF)
        path = /DYM$SYS_V/000000
        read only = No
        guest ok = Yes
#
#CIFS Rel Nts 1.1E1 p.11 (stream* and Streamlf are the supported values)
#
        vms rms format = streamlf
[RL]
        comment = alternate application data store (stream LF)
        path = /DYM$EXTRA/000000
        read only = No
        guest ok = Yes
#
#CIFS Rel Nts 1.1E1 p.11 (stream* and Streamlf are the supported values)
#
        vms rms format = streamlf
[SL]
        comment = Alpha Application shared tree and OS (stream LF)
        path = /dym$disk/000000
        read only = No
        guest ok = Yes
#
#CIFS Rel Nts 1.1E1 p.11 (stream* and Streamlf are the supported values)
#
        vms rms format = streamlf
[printers]
        comment = All Printers
        path = /dym$disk/smb_scr
        create mask = 0700
        guest ok = Yes
        printable = Yes
        browseable = No

More information about the Info-vax mailing list