Can't mount DFS

Connection sharing, Firewall, Samba..etc
Forum rules
Before you post please read how to get help
Post Reply
markkrj
Level 1
Level 1
Posts: 1
Joined: Fri Feb 09, 2018 7:27 am

Can't mount DFS

Post by markkrj » Fri Feb 09, 2018 7:56 am

I use Linux Mint at my work place, and since I upgraded to Mint 18.3, my DFS shares in /etc/fstab stopped working. Digging a bit I found that it was because Samba now defaults to SMB3 and DFS won't mount unless I specify 'vers=1.0'. It seems that there was a problem with cifs protocol, that was fixed early this month (https://bugzilla.samba.org/show_bug.cgi?id=12917). Mounting the share directly, without using the DFS namespace (like changing //domain.tld/share$ for //server.domain.tld/share), it will work with whatever SMB version I try, but it is not a good solution, since I can connect to a non active server of the DFS namespace and end up overwriting my co-workers things or getting my files overwritten by them. So I have a couple of questions..

1 - What are the risks of using SMB1 to access the DFS shares at my local domain? My iptables is strictly configured....
2 - Is there a chance of Linux Mint backporting that cifs fix to Mint 18.3?
3 - Mounting the DFS share by gvfs (like with Nemo) is still working, is it using SMB1?

altair4
Level 18
Level 18
Posts: 8961
Joined: Tue Feb 03, 2009 10:27 am

Re: Can't mount DFS

Post by altair4 » Fri Feb 09, 2018 9:07 am

Not familiar with DFS so in that context:
Samba now defaults to SMB3
3 - Mounting the DFS share by gvfs (like with Nemo) is still working, is it using SMB1?
There are two different "Samba's" at play here. The Linux Kernel starting with 4.13 does change the default smb dialect for CIFS from SMB1 to SMB3. But gvfs uses a smbclient library and that is still set to SMB1 - at least at the moment.
2 - Is there a chance of Linux Mint backporting that cifs fix to Mint 18.3?
I seriously doubt it.
1 - What are the risks of using SMB1 to access the DFS shares at my local domain? My iptables is strictly configured....
That's the part I can't answer. You seem to have your own local network and have your own network-wide security measures in place as well as firewalls on each host so .... Plus if your network administrator thought SMB1 was an issue he would have disabled it on the server.
Please add a [SOLVED] at the end of your original subject header if your question has been answered and solved.

Post Reply

Return to “Other networking topics”