오류 메시지 CIFS VFS: 프로토콜 재검증 - 보안 설정 불일치

tag-icon tag-icon debian samba xubuntu
오류 메시지 CIFS VFS: 프로토콜 재검증 - 보안 설정 불일치

서버: Debian 8, 클라이언트: 일부 Windows 및 일부 Xubuntu 16.04

Xubuntu 클라이언트를 4.13.0-26으로 업데이트했기 때문에 삼바 공유를 마운트할 수 없습니다.

[20390.135208] No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3 (or SMB2.1) specify vers=1.0 on mount.
[20390.161744] CIFS VFS: protocol revalidation - security settings mismatch
[20390.162553] CIFS VFS: session ffffa06a57c23a00 has no tcon available for a dfs referral request
[20390.163395] CIFS VFS: cifs_mount failed w/return code = -5

나는 이것이 smb-Protokoll과 관련이 있다는 것을 알고 있지만, 내가 사용할 때

testparm -v | grep protocol

내 서버에서는 다음과 같이 말합니다.

Load smb config files from /etc/samba/smb.conf
Processing section "[homes]"
Processing section "[profiles]"
Processing section "[netlogon]"
Processing section "[printers]"
Processing section "[print$]"
Processing section "[firmendaten]"
Processing section "[downloads]"

Loaded services file OK.
WARNING: You have some share names that are longer than 12 characters.
These may not be accessible to some older clients.
(Eg. Windows9x, WindowsMe, and smbclient prior to Samba 3.0.)
Server role: ROLE_STANDALONE

Press enter to see a dump of your service definitions

    server max protocol = SMB3
    server min protocol = LANMAN1
    client max protocol = default
    client min protocol = CORE
    client ipc max protocol = default
    client ipc min protocol = default

이것은 내 smb.conf입니다.

[global]
    workgroup = MYGROUP
    passdb backend = tdbsam
    printing = cups
    printcap name = cups
    printcap cache time = 750
    cups options = raw
    map to guest = Bad User
    logon path = \\%L\profiles\.msprofile
    logon home = \\%L\%U\.9xprofile
    logon drive = P:
    usershare allow guests = Yes
        os level = 20
        netbios name = SERVER
    server string = Linux Server 2013
    domain master = yes
        load printers = yes
        allow insecure wide links = yes
        follow symlinks = yes
        wide links = yes
    unix extensions = no


[homes]
    recycle:touch = Yes
    browseable = No
    writeable = yes
    invalid users = daten
    vfs object = recycle 
    recycle:exclude = *.tmp,*.temp,*.o,*.obj,~$*,*.~??
    recycle:keeptree = Yes
    comment = Home Directories
    valid users = %S,%D%w%S
    recycle:repository = .Papierkorb
    recycle:versions = Yes
    recycle:directory_mode = 0700
    inherit acls = Yes


[profiles]
    comment = Network Profiles Service
    path = %H
    read only = No
    store dos attributes = Yes
    create mask = 0600
    directory mask = 0700


[netlogon]
    comment = Network Logon Service
    path = /var/lib/samba/netlogon


[printers]
    browseable = no
    writeable = yes
    printable = yes
    path = /var/tmp
    create mask = 0700
    comment = Alle Drucker
    public = yes

[print$]
    path = /var/lib/samba/drivers
    write list = root,@ntadmin
    force group = ntadmin
    create mask = 0664
    comment = Printer Drivers
    directory mask = 0775
    valid users = @firma,@privat

[firmendaten]
    write list = @users
    recycle:excludedir = /tmp,/temp,/cache,.Papierkorb
    force directory mode = 0770
    force group = firma
    recycle:keeptree = Yes
    inherit acls = Yes
    recycle:touch = Yes
    vfs objects = recycle
    writeable = yes
    path = /home/files/firma
    preexec = mkdir -p .Papierkorb
    force create mode = 0770
    recycle:exclude = *.tmp,*.temp,*.o,*.obj,~$*,*.~??
    comment = Firmendaten
    valid users = @firma
    create mode = 0770
    recycle:repository = .Papierkorb
    recycle:versions = Yes
    recycle:directory_mode = 0770
    directory mode = 0770

[downloads]
    recycle:excludedir = /tmp,/temp,/cache,.Papierkorb
    write list = @users
    force group = firma
    recycle:keeptree = Yes
    create mask = 0770
    inherit acls = Yes
    recycle:touch = Yes
    vfs objects = recycle
    writable = yes
    path = /home/files/downloads
    preexec = mkdir -p .Papierkorb
    recycle:exclude = *.tmp,*.temp,*.o,*.obj,~$*,*.~??
    directory mask = 0770
    comment = Firmendaten
    recycle:versions = Yes
    recycle:directory_mode = 0770
    recycle:repository = .Papierkorb

내가 아는 바로는 서버가 SMB2 및 SMB3을 지원합니다. 나는 이것을 추가하려고 시도했다

[home]
min protocol = SMB2

각기

[home]
min protocol = SMB3

내가 서버에서 본 것보다 :

server max protocol = SMB3
server min protocol = SMB3

각기

server max protocol = SMB3
server min protocol = SMB2

하지만 여전히 클라이언트를 마운트할 수 없습니다.

이는 클라이언트 fstab의 일부입니다.

//192.168.0.251/firmendaten /home/username/server/firmendaten cifs gid=1000,uid=1000,file_mode=0660,dir_mode=0770,user,noauto,credentials=/home/username/.smbcredentials

보안 프로토콜 SMB2/SMB3을 사용하여 설치하는 방법은 무엇입니까?

미리 감사드립니다!

답변1

해결책을 찾았습니다. 클라이언트 설치 시 버전을 추가하는 데 사용됩니다.

//192.168.0.251/firmendaten /home/username/server/firmendaten cifs gid=1000,uid=1000,file_mode=0660,dir_mode=0770,user,noauto,vers=2.1,credentials=/home/username/.smbcredentials

나는 서버의 smb.conf에서 뭔가를 할 수 있다고 생각했는데 이것도 작동합니다.

관련 정보