Operating System - OpenVMS
1747980 Members
3871 Online
108756 Solutions
New Discussion юеВ

Re: Cloned CIFS not accessible

 
EdgarZamora
Trusted Contributor

Cloned CIFS not accessible

OpenVMS ALPHA 8.3 on ES45 with up-to-date patches, HP TCP/IP 5.7-12 ECO4, no running DECnet network, CIFS 1.2 ECO 1.

 

I have a system (above) called ALPHA and I "clone" it (using backend SAN cloning of all the disks).  I boot up the clone on another ES45  keeping all SYSGEN parameters, etc. the same, except for the IP address.  Externally, in corporate network's DNS, I defined the name DRALPHA to point to this clone's IP address.  I reconfigured the Samba computer name to be DRALPHA instead of ALPHA and I join the AD as a member.  My problem is that I cannot access the shares on the cloned system.  On a Windows PC I can do \\ALPHA and it will show the shares, but if I do \\DRALPHA  I get a popup window asking for username and password.  Can someone point me to the right direction of where to investigate?  I found a log file in the VAR directory which contained these entries...

 

[2014/05/21 12:02:35, 0] SAMBA$SRC:[SOURCE.LIB]UTIL_SOCK.C;1:(533)
read_data: read failure for 4 bytes to client 10.8.4.254. Error = connection reset by peer
[2014/05/21 12:03:05, 0] SAMBA$SRC:[SOURCE.LIB]UTIL_SOCK.C;1:(533)
read_data: read failure for 4 bytes to client 10.8.4.254. Error = connection reset by peer
[2014/05/21 12:36:20, 0] SAMBA$SRC:[SOURCE.LIB]UTIL_SOCK.C;1:(533)
read_data: read failure for 4 bytes to client 10.8.4.254. Error = connection reset by peer

 

Thanks!

 

(in case you haven't guessed, I am testing Disaster Recovery)

9 REPLIES 9
Steven Schweda
Honored Contributor

Re: Cloned CIFS not accessible

 
Jess Goodman
Esteemed Contributor

Re: Cloned CIFS not accessible

Can you access a specifiic share using "\\DRALPHA\share_name"   ?

 

What are the differences in the two node's SAMBA$ROOT:[LIB]SMB.CONF  or any other samba configuration fiiles that you use?

 

Do any of these .CONF files use %h to specify something node-specific, such as:

include = samba$root:[lib]%h_specific_smb.conf

 

What do these commands show?

$ TCPIP SHOW SERVICE/FULL  SMTP

$ TCPIP SHOW SERVICE/FULL  SMTP445

 

Jess

I have one, but it's personal.
Colin Butcher
Esteemed Contributor

Re: Cloned CIFS not accessible

SMB is a separate protocol. It might use TCPIP as a transport, but it's also making use of NetBIOS. It will hold information about the server name and so on. It's also joined to an existing network, or is it's own stand-alone server. You've changed the TCPIP hostname and IP address, maybe the subnet too. You're probably going to need to edit the SMB.CONF file to reflect the changes you made after cloning. You're probably going to have to redo the NET RPC JOIN or whatever you did on the primary node. Other entities on the network knew about the original machine, now you're expecting them to magically know about the new machine as well. You might need to make changes to static routes, hostnames, network device mapping (see LANCP), etc.

 

You're going to have to build up a list of things to change after cloning, then see if you can automate the changes via DCL and perhaps TPU to automate configuration file editing. A surprisingly large number of things don't like having stuff change under their feet, which is why cloning a system disc can lead to interesting complications.

 

Worth making sure you have all the CIFS patches applied too - there's been quite a number of patch sets released over time, including earlier this year.

Entia non sunt multiplicanda praeter necessitatem (Occam's razor).
Hoff
Honored Contributor

Re: Cloned CIFS not accessible

If you figure out the differences for Samba / CIFS, please post them or send'm along, and I'll add them to The List Of Things To Change When You Change The OpenVMS Host Name.

EdgarZamora
Trusted Contributor

Re: Cloned CIFS not accessible

My responses are below...

I do very little with CIFS, so I know nothing, but ... > [...] On a Windows PC I can do \\ALPHA and it will show the shares, > but if I do \\DRALPHA I get a popup window asking for username and > password. [...] What, exactly, does "I can do \\ALPHA" mean? Are you browsing in Windows Explorer, or issuing some command to some shell, or what?
>> Yes, you can do the \\ALPHA in Windows Explorer (or from the Start button,etc.)
Whatever you really did, why would this response be unexpected? Why (and how) should this "a Windows PC" know which username and password to use with this new system, DRALPHA, which it has never seen before?
>> It is unexpected because I reconfigured the CIFS to have a different Netbios name (DRALPHA) and joined the Domain. So.. the domain knows DRALPHA and I should be able to access it with my domain logged-on ID.
Did you supply a valid username and password? Did it work then?

>> Yes, but it still wouldn't work (the error I can derive from the log files is (and I am entering the correct username and password)...

[2014/05/28 14:04:42, 5] SAMBA$SRC:[SOURCE.RPC_PARSE]PARSE_PRS.C;1:(768)
001c status : NT_STATUS_WRONG_PASSWORD

   When CIFS was first configured on the old system, ALPHA, did this "a
Windows PC" already know which username and password to use with it, or
did you need to answer the same question(s) there and then (once, I
assume)?

>> No, I did not have to enter a username and password. Note that "a Windows PC" is not a very detailed description of anything.

>> I stated "A Windows PC" because I've actually tried this on 3 different PC's (Windows 7, Windows 8, and Windows Server 2008)
EdgarZamora
Trusted Contributor

Re: Cloned CIFS not accessible

Can you access a specifiic share using "\\DRALPHA\share_name"   ?

 

>> Nope.

 

What are the differences in the two node's SAMBA$ROOT:[LIB]SMB.CONF  or any other samba configuration fiiles that you use?

 

>> Since DRALPHA is a clone, the only difference is in the file CORE_SMB.CONF, where I changed the Netbios name to DRALPHA:

 

[global]
netbios name = DRALPHA
workgroup = SOURCEINTERLINK
security = DOMAIN
passdb backend = tdbsam
domain master = no
domain logons = no
log file = /samba$root/var/%h_%m.log
username map = /samba$root/lib/username.map
printing = OpenVMS
load printers = no

 

 

Do any of these .CONF files use %h to specify something node-specific, such as:

include = samba$root:[lib]%h_specific_smb.conf

 

>> Yes.  Internally to the VMS system, the nodename has not changed (i.e. I did not change the SCSNODE or SCSSYSTEMID, just reconfigured TCP/IP to have a different IP, subnet, etc.)

 

What do these commands show?

$ TCPIP SHOW SERVICE/FULL  SMTP

$ TCPIP SHOW SERVICE/FULL  SMTP445

 

>> Not sure what SMTP has to do with this.

EdgarZamora
Trusted Contributor

Re: Cloned CIFS not accessible

Hi Colin.  Yes, I changed the Netbios name and rejoined the domain.  I raised the SMBD debug level to 8, and one thing that I think might cause a problem is that the SIDs of both nodes, ALPHA and DRALPHA, are the same:

 

SOURCE> net getlocalsid
SID for domain ALPHA is: S-1-5-21-1265573044-3733834046-877286299
SOURCE>

 

SOURCE> net getlocalsid
SID for domain DRALPHA is: S-1-5-21-1265573044-3733834046-877286299
SOURCE>

 

This is the track I am following now.  I haven't yet figured out how to change the SID though.

 

 

Update:  It's not the SID.  Reinstalled CIFS, DRALPHA has a different SID now.  Still having the same problem though.

Jess Goodman
Esteemed Contributor

Re: Cloned CIFS not accessible

>> Not sure what SMTP has to do with this.

 

Sorry, what I meant of course was, what is the output from these  commands?

$ TCPIP SHOW SERVICE /FULL SMBD

$ TCPIP SHOW SERVICE /FULL SMBD445

 

A new question - how does your config files define the "interfaces ="

and "bind interfaces only =" configuration parameters?

 

Jess

 

I have one, but it's personal.
EdgarZamora
Trusted Contributor

Re: Cloned CIFS not accessible

Sorry Jess.  I was really busy and didn't think.  Of course you meant SMBD...

 

SOURCE> tcpip sho service smbd /full

Service: SMBD
State: Enabled
Port: 139 Protocol: TCP Address: 0.0.0.0
Inactivity: 5 User_name: SAMBA$SMBD Process: SMBD
Limit: 50 Active: 0 Peak: 0

File: SAMBA$ROOT:[BIN]SAMBA$SMBD_STARTUP.COM
Flags: Listen

Socket Opts: Rcheck Scheck
Receive: 0 Send: 0

Log Opts: None
File: SAMBA$ROOT:[VAR]SAMBA$SMBD_STARTUP.LOG

Security
Reject msg: not defined
Accept host: 0.0.0.0
Accept netw: 0.0.0.0
SOURCE> tcpip sho service smbd445 /full

Service: SMBD445
State: Enabled
Port: 445 Protocol: TCP Address: 0.0.0.0
Inactivity: 5 User_name: SAMBA$SMBD Process: SMBD445
Limit: 50 Active: 1 Peak: 1

File: SAMBA$ROOT:[BIN]SAMBA$SMBD_STARTUP.COM
Flags: Listen

Socket Opts: Rcheck Scheck
Receive: 0 Send: 0

Log Opts: None
File: SAMBA$ROOT:[VAR]SAMBA$SMBD_STARTUP.LOG

Security
Reject msg: not defined
Accept host: 0.0.0.0
Accept netw: 0.0.0.0
SOURCE>

 

Regarding interfaces...

 

 Restrict Network interfaces: no

 bind interfaces only = no