Hide Forgot
The 6.2 release has a stack of patches to add support for NTLMSSP authentication to cifs. There is one broken case however -- when NTLMSSP auth is used against samba and SMB signing is enabled, the client currently sends the wrong set of flags in some of the messages. Shirish P fixed this upstream recently, and fixing it for 6.2 would make testing easier: commit a817f5fd6217851742546d6d1ee7d75512be30d0 Author: Shirish Pargaonkar <shirishpargaonkar> Date: Tue Aug 9 14:31:55 2011 -0400 cifs: Fix signing failure when server mandates signing for NTLMSSP
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux maintenance release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux Update release for currently deployed products. This request is not yet committed for inclusion in an Update release.
Patch(es) available on kernel-2.6.32-188.el6
Test patch "39926", using mount option "sec=ntlmi", test steps are listed below. [root@ibm-x3650-01 ~]# tshark -w output.pcap -i lo tcp port 445 & [1] 30732 [root@ibm-x3650-01 ~]# mount.cifs //localhost/test /mnt/test -o sec=ntlmi,user=root,password=redhat ##stop tshark [root@ibm-x3650-01 ~]# grep BSRSPYL output.pcap Binary file output.pcap matches
Test mounting with sec=ntlmsspi, cifs server uses samba with mandatory signing.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHSA-2011-1530.html