Hello Hongwei,
So the attached pcap show dfs referral traffic between a S4 and XP hosts.
Where we can see that XP is requesting a level 4 referral and that S4
answers to it with an answer following the specification.
After this XP is blocked or fallback to NTLM auth (not shown in this
capture but in this one: http://www.matws.net/mat/misc/dfs2.pcap.gz).
So I'm wondering if it's normal, maybe XP didn't appreciate the level 4
answers.
Matthieu.
On 19/05/2011 20:23, Hongwei Sun wrote:
Hi, Matthieu,
I need some clarification about your question. I have a problem to match
the packets to what you have described. The trace has only 6 packets. The
following are all the packets in the trace:
1 3:28:33 PM 5/17/2011 0.0000000 172.16.101.16 172.16.101.1 DFSC
DFSC:Get DFS Referral Request, FileName:<empty>, MaxReferralLevel: 3
2 3:28:33 PM 5/17/2011 0.0001600 172.16.101.1 172.16.101.16
DFSC DFSC:Get DFS Referral Response, NumberOfReferrals: 2 VersionNumber: 3
3 3:28:33 PM 5/17/2011 0.1360020 172.16.101.16 172.16.101.1
DFSC DFSC:Get DFS Referral Request, FileName: \w2k8r2.home.matws.net,
MaxReferralLevel: 3
4 3:28:33 PM 5/17/2011 0.1434180 172.16.101.1 172.16.101.16
DFSC DFSC:Get DFS Referral Response, NumberOfReferrals: 1 VersionNumber: 3
5 3:28:33 PM 5/17/2011 0.1440790 172.16.101.16 172.16.101.1
DFSC DFSC:Get DFS Referral Request, FileName: \w2k8r2.home.matws.net\sysvol,
MaxReferralLevel: 4
6 3:28:33 PM 5/17/2011 0.1514540 172.16.101.1 172.16.101.16
DFSC DFSC:Get DFS Referral Response, NumberOfReferrals: 2 VersionNumber: 4
Could you explain more about the configuration of your testing , scenario
as well as the behavior in question? It will be better if you can point out
the packets in question.
Thanks!
Hongwei
-----Original Message-----
From: cifs-protocol-boun...@cifs.org [mailto:cifs-protocol-boun...@cifs.org] On
Behalf Of Matthieu Patou
Sent: Tuesday, May 17, 2011 4:09 PM
To: Interoperability Documentation Help; p...@tridgell.net;
cifs-proto...@samba.org
Subject: [cifs-protocol] dfs referral for sysvol and windows XP
Hello doc help,
While revisiting the DFS implementation for samba I remade some tests with XP
and It seems that when doing the last step in order to resolve
\\domain.tld\sysvol.
Even if we tend to send the same frame, XP comes to samba 4 when asking for a
DC holding \\domain.tld\sysvol. So as we support this level we return entry for
this level.
But then it fails to connect to \\dc.domain.tld\sysvol and keep doing ntlm
connection to \\domain.tld\sysvol.
Is this "normal" ?
I put another capture here: http://www.matws.net/mat/misc/dfs2.pcap.gz
where we can clearly see that the client starts to do NTLM auth to connect to
\\domain.tld.
Thanks for your answers.
Matthieu.
--
Matthieu Patou
Samba Team http://samba.org
Private repo http://git.samba.org/?p=mat/samba.git;a=summary
--
Matthieu Patou
Samba Team http://samba.org
Private repo http://git.samba.org/?p=mat/samba.git;a=summary
_______________________________________________
cifs-protocol mailing list
cifs-protocol@cifs.org
https://lists.samba.org/mailman/listinfo/cifs-protocol
