smb.smb_structs.OperationFailure: Failed to list shares: Unable to connect to IPC$

[jsivak]

When trying to access a Samba 3.0.33-3.40el5_10 server (which seems to be the main version on a CentOS 5 system) I'm getting the following traceback:

Traceback (most recent call last): File "ap_67_app/scripts/smbtest.py", line 116, in main() File "ap_67_app/scripts/smbtest.py", line 86, in main shares = conn.listShares(timeout=120) File "/home/jsivak/projects/ap_67_ve/lib/python2.7/site-packages/smb/SMBConnection.py", line 148, in listShares self._pollForNetBIOSPacket(timeout) File "/home/jsivak/projects/ap_67_ve/lib/python2.7/site-packages/smb/SMBConnection.py", line 535, in _pollForNetBIOSPacket self.feedData(data) File "/home/jsivak/projects/ap_67_ve/lib/python2.7/site-packages/nmb/base.py", line 54, in feedData self._processNMBSessionPacket(self.data_nmb) File "/home/jsivak/projects/ap_67_ve/lib/python2.7/site-packages/nmb/base.py", line 75, in _processNMBSessionPacket self.onNMBSessionMessage(packet.flags, packet.data) File "/home/jsivak/projects/ap_67_ve/lib/python2.7/site-packages/smb/base.py", line 137, in onNMBSessionMessage if self._updateState(self.smb_message): File "/home/jsivak/projects/ap_67_ve/lib/python2.7/site-packages/smb/base.py", line 1497, in _updateState_SMB1 req.callback(message, **req.kwargs) File "/home/jsivak/projects/ap_67_ve/lib/python2.7/site-packages/smb/base.py", line 1757, in connectCB errback(OperationFailure('Failed to list shares: Unable to connect to IPC$', messages_history)) File "/home/jsivak/projects/ap_67_ve/lib/python2.7/site-packages/smb/SMBConnection.py", line 142, in eb raise failure smb.smb_structs.OperationFailure: Failed to list shares: Unable to connect to IPC$ ==================== SMB Message 0 ====================

SMB Header:

Command: 0x75 (SMB_COM_TREE_CONNECT_ANDX) Status: NTSTATUS=0x00000000 Flags: 0x08 Flags2: 0xC841 PID: 9173 UID: 100 MID: 4 TID: 0 Security: 0x0000000000000000 Parameters: 8 bytes ff00000008000100 Data: 49 bytes 005c005c004600410052004d002d004d004f00520031002d005300520056005c00490050004300240000003f3f3f3f3f00

SMB Data Packet (hex):

ff534d4275000000000841c80000000000000000000000000000d5236400040004ff000000080001003100005c005c004600410052004d002d004d004f00520031002d005300520056005c00490050004300240000003f3f3f3f3f00 ==================== SMB Message 1 ====================

SMB Header:

Command: 0x75 (SMB_COM_TREE_CONNECT_ANDX) Status: NTSTATUS=0xC0000022 Flags: 0x88 Flags2: 0xC801 PID: 9173 UID: 100 MID: 4 TID: 0 Security: 0x0000000000000000 Parameters: 0 bytes

Data: 0 bytes

SMB Data Packet (hex):

ff534d4275220000c08801c80000000000000000000000000000d52364000400000000

[miketeo]

Hi, can you verify that you are able to access the shared folders from a Windows machine using the same ID/password?

[craigmaloney]

• Michael Teo ([email protected]) wrote:

  Hi, can you verify that you are able to access the shared folders from a Windows machine using the same ID/password?

I can verify that using smbclient on the same machine we're able to connect without an issue.

[miketeo]

Are you able to run 2 tcpdump / wireshark packet captures? First one for the communications between pysmb and your server. Second one for the communications between smbclient and your server.

Thanks.

[jsivak]

Sorry for the delay, I've got 3 files: One showing the "bad" / broken case (connecting to Samba 3.0.33), another showing a working share listing via the smbclient, and the last capture is a working pcap to a Samba 3.6.9 server.

I can't seem to attach them here, how do you want me to provide them to you?

[jsivak]

I sent you an email on 2014.07.30.. let me know if you didn't receive. Thanks

[jsivak]

Mike, are you waiting on any info from me?

[miketeo]

Sorry, I missed your other email the other day. Will continue to work on it.

[jpvoodoo]

Mike,

I'm having this exact problem. I'm trying to connect to my buffalo linkstation to enumerate the shares.

Here is my code.

#!/usr/bin/python from smb import smb_structs from smb.SMBConnection import SMBConnection from nmb.NetBIOS import NetBIOS smb_structs.SUPPORT_SMB2 = True

username="jason" password="password" clientname="Jasix" servername="LS-XLF84" domain='WORKGROUP' ipaddress="192.168.1.3"

conn=SMBConnection(username,password,clientname,servername, domain , use_ntlm_v2=False, sign_options=2, is_direct_tcp=True) conn.connect(ipaddress,139) Shares=conn.listShares() print Shares

---

Executing smbclient -L 192.168.1.3 gives correct output. My program gives my this output:

Traceback (most recent call last): File "/home/jason/py/smbtest.py", line 33, in Shares=conn.listShares() File "/usr/lib/python2.7/site-packages/smb/SMBConnection.py", line 148, in listShares self._pollForNetBIOSPacket(timeout) File "/usr/lib/python2.7/site-packages/smb/SMBConnection.py", line 535, in _pollForNetBIOSPacket self.feedData(data) File "/usr/lib/python2.7/site-packages/nmb/base.py", line 54, in feedData self._processNMBSessionPacket(self.data_nmb) File "/usr/lib/python2.7/site-packages/nmb/base.py", line 75, in _processNMBSessionPacket self.onNMBSessionMessage(packet.flags, packet.data) File "/usr/lib/python2.7/site-packages/smb/base.py", line 137, in onNMBSessionMessage if self._updateState(self.smb_message): File "/usr/lib/python2.7/site-packages/smb/base.py", line 1497, in _updateState_SMB1 req.callback(message, **req.kwargs) File "/usr/lib/python2.7/site-packages/smb/base.py", line 1757, in connectCB errback(OperationFailure('Failed to list shares: Unable to connect to IPC$', messages_history)) File "/usr/lib/python2.7/site-packages/smb/SMBConnection.py", line 142, in eb raise failure smb.smb_structs.OperationFailure: Failed to list shares: Unable to connect to IPC$ ==================== SMB Message 0 ====================

SMB Header:

Command: 0x75 (SMB_COM_TREE_CONNECT_ANDX) Status: NTSTATUS=0x00000000 Flags: 0x08 Flags2: 0xC841 PID: 2011 UID: 100 MID: 4 TID: 0 Security: 0x0000000000000000 Parameters: 8 bytes ff00000008000100 Data: 39 bytes 005c005c004c0053002d0058004c004600380034005c00490050004300240000003f3f3f3f3f00

SMB Data Packet (hex):

ff534d4275000000000841c80000000000000000000000000000db076400040004ff000000080001002700005c005c004c0053002d0058004c004600380034005c00490050004300240000003f3f3f3f3f00 ==================== SMB Message 1 ====================

SMB Header:

Command: 0x75 (SMB_COM_TREE_CONNECT_ANDX) Status: NTSTATUS=0xC0000022 Flags: 0x88 Flags2: 0xC801 PID: 2011 UID: 100 MID: 4 TID: 0 Security: 0x0000000000000000 Parameters: 0 bytes

Data: 0 bytes

SMB Data Packet (hex):

ff534d4275220000c08801c80000000000000000000000000000db0764000400000000

I also ran wireshark.

The server sends a NTLMSSP_CHALLENGE with a status of STATUS_MORE_PROCESSING_REQUIRED

The client sends NTLMSSP_AUTH for user WORKGROUP/jason

The server sends a Session Setup AndX Response

The client sends a Tree connect AndX Request for the path \192.168.1.3\IPC$

Finally, the server sends back a Tree Connect AndX Response with an error, STATUS_ACCESS_DENIED.

Admittedly I don't know how to use wireshark very well or I would have figured out a way to send you a dump of the actual packets.

It definitely appears to be having problems with the IPC$ share. I have tried with and with out NTLM2 support and both ports 139 and 445. I have also tried the smb_structs.SUPPORT_SMB2 set to both true and false.

Here is the output of an nmap command if it helps.

Nmap scan report for 192.168.1.3 Host is up (0.025s latency). Not shown: 992 closed ports PORT STATE SERVICE 21/tcp open ftp 80/tcp open http 139/tcp open netbios-ssn 443/tcp open https 445/tcp open microsoft-ds 873/tcp open rsync 8873/tcp open dxspider 22939/tcp open unknown

I was trying to do this by IP address rather than NETBIOS NAME. It doesn't matter. All I want to do is enumerate the shares and mount them.

[jsivak]

Yay! I thought I was the only human on Earth having this issue.. ;)

[jpvoodoo]

Interestingly enough if you capture a string from the SMBConnection.echo() command, the server will echo the results back. Like this:

Words=conn.echo("Hello Hello") print Words

output: Hello Hello

That means that there has to be at least some inter-process communication. That is what the IPC$ share is for on Windows/Samba boxes. I don't claim to be a programmer, but I know at least that much. I'll be anxious to see what Mike suggests. Maybe we could write a more detailed test to test all parameters. We are only changing 3-4 parameters assuming your credentials and the servername/ip address work under other situations. Most are boolean, so there aren't many possible combinations.

[miketeo]

Hi, guys. I have been working with @jsivak on this issue. But unfortunately, my work has been holding up the bug fixing process, and current attempts to fix this bug have failed.

I'll be attempting to replicate a samba 3.0 environment on a CentOS5 box later to see if I can reproduce the bug and solve it.

Thank you for your understanding and patience.

[jsivak]

Thanks for the work and effort, its much appreciated; let me know if there is anything I can do to assist.

[jpvoodoo]

Mike, Don't hurry on my account. This is just a home system for me. We don't have the benefit of having a common server for all to test. Like I said to jsivak, I'm working on a script that tests all arguments other than the credentials, server name, server IP adresss, etc... Maybe we we can use that to figure out just where it breaks?

I am just an old network geek, I am not a professional programmer. I am going to use your variable names for clarity.

[jpvoodoo]

Ok, Mike. I wrote a script to test all combinations of sign options, ntlm options, direct tcp options and server ports. All combinations failed in my environment with the same IPC$ message. Maybe you can tweak it and test it in your environment when you get a chance. Here is the basic procedure:

#For every possible sign option

For each ntlm option

for each is direct_tcp option

for each serverport option

Print Stuff

Try getting a list of shares

#!/usr/bin/python

from smb import smb_structs from smb.base import SharedDevice from smb.SMBConnection import SMBConnection from nmb.NetBIOS import NetBIOS smb_structs.SUPPORT_SMB2 = True

def printConstants(username, password, my_name, remote_name, domain, ipaddress): print "" * 80 print "Things that are constant throughout the test:" print "" * 80 print "username="+username print "password="+password print "my_name=" + my_name print "remote_name="+remote_name print "domain="+domain print "ipaddress="+ipaddress

def printVariables(sign_options,use_ntlm_v2,is_direct_tcp,serverport): print "_" * 80 print "sign_options="+str(sign_options) print "use_ntlm_v2="+str(use_ntlm_v2) print "is_direct_tcp="+str(is_direct_tcp) print "serverport="+str(serverport)

#username, password, my_name, remote_name, domain='', 1 param username="jason" password="katia777" my_name="Jasix" remote_name="LS-XLF84" domain='WORKGROUP'

ipaddress="192.168.1.3" serverport=139 sign_options=0

print "Begin Testing" printConstants(username, password, my_name, remote_name, domain, ipaddress) print print print print

for so in range(0,3): sign_options=so #use_ntlm_v2=True, 2 param for lmv in range(0,2): if lmv==0: use_ntlm_v2=False else: use_ntlm_v2=True

for tcp_only in range(0,2):
#is_direct_tcp=False 2 param
  if tcp_only==0:
is_direct_tcp=False
  else:
is_direct_tcp=True
  for serv_port in range(0,2):
if serv_port==0:
  serverport=139
elif serv_port==1:
  serverport=445

printVariables(sign_options,use_ntlm_v2,is_direct_tcp,serverport)   
conn=SMBConnection(username,password,my_name,remote_name, domain , use_ntlm_v2, sign_options, is_direct_tcp)
conn.connect(ipaddress)
try:
  ShareList=conn.listShares()
  for sh in ShareList:
    print sh.name
  result="result:    WORKED"  
except smb_structs.OperationFailure, o:
  result="Result:    "+o.message

print result  


  print
  print
  print

Here is the output:

Begin Testing

---

Things that are constant throughout the test:

---

username=jason password=katia777 my_name=Jasix remote_name=LS-XLF84 domain=WORKGROUP ipaddress=192.168.1.3

---

sign_options=0 use_ntlm_v2=False is_direct_tcp=False serverport=139 Result: Failed to list shares: Unable to connect to IPC$

---

sign_options=0 use_ntlm_v2=False is_direct_tcp=False serverport=445 Result: Failed to list shares: Unable to connect to IPC$

---

sign_options=0 use_ntlm_v2=False is_direct_tcp=True serverport=139 Result: Failed to list shares: Unable to connect to IPC$

---

sign_options=0 use_ntlm_v2=False is_direct_tcp=True serverport=445 Result: Failed to list shares: Unable to connect to IPC$

---

sign_options=0 use_ntlm_v2=True is_direct_tcp=False serverport=139 Result: Failed to list shares: Unable to connect to IPC$

---

sign_options=0 use_ntlm_v2=True is_direct_tcp=False serverport=445 Result: Failed to list shares: Unable to connect to IPC$

---

sign_options=0 use_ntlm_v2=True is_direct_tcp=True serverport=139 Result: Failed to list shares: Unable to connect to IPC$

---

sign_options=0 use_ntlm_v2=True is_direct_tcp=True serverport=445 Result: Failed to list shares: Unable to connect to IPC$

---

sign_options=1 use_ntlm_v2=False is_direct_tcp=False serverport=139 Result: Failed to list shares: Unable to connect to IPC$

---

sign_options=1 use_ntlm_v2=False is_direct_tcp=False serverport=445 Result: Failed to list shares: Unable to connect to IPC$

---

sign_options=1 use_ntlm_v2=False is_direct_tcp=True serverport=139 Result: Failed to list shares: Unable to connect to IPC$

---

sign_options=1 use_ntlm_v2=False is_direct_tcp=True serverport=445 Result: Failed to list shares: Unable to connect to IPC$

---

sign_options=1 use_ntlm_v2=True is_direct_tcp=False serverport=139 Result: Failed to list shares: Unable to connect to IPC$

---

sign_options=1 use_ntlm_v2=True is_direct_tcp=False serverport=445 Result: Failed to list shares: Unable to connect to IPC$

---

sign_options=1 use_ntlm_v2=True is_direct_tcp=True serverport=139 Result: Failed to list shares: Unable to connect to IPC$

---

sign_options=1 use_ntlm_v2=True is_direct_tcp=True serverport=445 Result: Failed to list shares: Unable to connect to IPC$

---

sign_options=2 use_ntlm_v2=False is_direct_tcp=False serverport=139 Result: Failed to list shares: Unable to connect to IPC$

---

sign_options=2 use_ntlm_v2=False is_direct_tcp=False serverport=445 Result: Failed to list shares: Unable to connect to IPC$

---

sign_options=2 use_ntlm_v2=False is_direct_tcp=True serverport=139 Result: Failed to list shares: Unable to connect to IPC$

---

sign_options=2 use_ntlm_v2=False is_direct_tcp=True serverport=445 Result: Failed to list shares: Unable to connect to IPC$

---

sign_options=2 use_ntlm_v2=True is_direct_tcp=False serverport=139 Result: Failed to list shares: Unable to connect to IPC$

---

sign_options=2 use_ntlm_v2=True is_direct_tcp=False serverport=445 Result: Failed to list shares: Unable to connect to IPC$

---

sign_options=2 use_ntlm_v2=True is_direct_tcp=True serverport=139 Result: Failed to list shares: Unable to connect to IPC$

---

sign_options=2 use_ntlm_v2=True is_direct_tcp=True serverport=445 Result: Failed to list shares: Unable to connect to IPC$

[miketeo]

@jpvoodoo : Thanks for running the exhaustive tests on the different options for pysmb. It is unlikely that these options are causing the list share function to fail; these options affect the connect() function.

[miketeo]

Fixed in pysmb 1.1.12

[lunaticitizen]

Hi Mike

I'm having the same problem as @jsivak and @jpvoodoo did. I believe I'm already using pysmb 1.1.12. When I tried to list resources on my server.. it gave me this error. I wonder if I did something wrong. Smbclient works just fine.

Traceback (most recent call last): File "", line 1, in File "/usr/lib/python2.6/site-packages/pysmb-1.1.12-py2.6.egg/smb/SMBConnection.py", line 148, in listShares self._pollForNetBIOSPacket(timeout) File "/usr/lib/python2.6/site-packages/pysmb-1.1.12-py2.6.egg/smb/SMBConnection.py", line 538, in _pollForNetBIOSPacket self.feedData(data) File "/usr/lib/python2.6/site-packages/pysmb-1.1.12-py2.6.egg/nmb/base.py", line 54, in feedData self._processNMBSessionPacket(self.data_nmb) File "/usr/lib/python2.6/site-packages/pysmb-1.1.12-py2.6.egg/nmb/base.py", line 75, in _processNMBSessionPacket self.onNMBSessionMessage(packet.flags, packet.data) File "/usr/lib/python2.6/site-packages/pysmb-1.1.12-py2.6.egg/smb/base.py", line 143, in onNMBSessionMessage if self._updateState(self.smb_message): File "/usr/lib/python2.6/site-packages/pysmb-1.1.12-py2.6.egg/smb/base.py", line 1513, in _updateState_SMB1 req.callback(message, **req.kwargs) File "/usr/lib/python2.6/site-packages/pysmb-1.1.12-py2.6.egg/smb/base.py", line 1770, in connectCB errback(OperationFailure('Failed to list shares: Unable to connect to IPC$', messages_history)) File "/usr/lib/python2.6/site-packages/pysmb-1.1.12-py2.6.egg/smb/SMBConnection.py", line 142, in eb raise failure smb.smb_structs.OperationFailure: Failed to list shares: Unable to connect to IPC$ ==================== SMB Message 0 ====================

SMB Header:

Command: 0x75 (SMB_COM_TREE_CONNECT_ANDX) Status: NTSTATUS=0x00000000 Flags: 0x18 Flags2: 0xC807 PID: 3086 UID: 28673 MID: 4 TID: 0 Security: 0x0000000000000000 Parameters: 8 bytes ff0000000c000100 Data: 27 bytes 005c005c00460053005c00490050004300240000003f3f3f3f3f00

SMB Data Packet (hex):

ff534d4275000000001807c800000000000000000000000000000e0c0170040004ff0000000c0001001b00005c005c00460053005c00490050004300240000003f3f3f3f3f00 ==================== SMB Message 1 ====================

SMB Header:

Command: 0x75 (SMB_COM_TREE_CONNECT_ANDX) Status: NTSTATUS=0xC0000022 Flags: 0x98 Flags2: 0xC807 PID: 3086 UID: 28673 MID: 4 TID: 0 Security: 0x4761304C6E356597 Parameters: 0 bytes

Data: 0 bytes

SMB Data Packet (hex):

ff534d4275220000c09807c800009765356e4c306147000000000e0c01700400000000

Here is the tcpdump file https://s3-ap-southeast-1.amazonaws.com/lunaticitizen-personal-files/pysmb/pysmb

[miketeo]

@lunaticitizen : From your packet capture, I think you are using Window 2003 server. I don't have this OS in my testing environment right now.

You have mentioned that smbclient is working for you. Can you provide a packet capture of the smbclient communication with that server? I will compare the two captures and see what's missing.

[jsivak]

@miketeo, I can confirm; we have Win2003 servers here too.

I'll send the captures shortly.

[lunaticitizen]

Here is the tcpdump file for smbclient operation. https://s3-ap-southeast-1.amazonaws.com/lunaticitizen-personal-files/pysmb/tcpdump_smbclient

[miketeo]

@jsivak , @lunaticitizen : I have setup a Windows 2003 R2 environment, but I wasn't able to reproduce the issue that both of you are having. Are there any special configuration or permission settings that you have used on the user?

from smb.SMBConnection import SMBConnection

c = SMBConnection('miketeo', 'passASd3fa', 'MTTST', 'WIN2K')
c.connect('192.168.1.156')
print c.listShares()

miketeo@ubuntu:~/Projects/pysmb/python2$ python testWin2k.py 
[<smb.base.SharedDevice instance at 0x7ffe90043e18>, <smb.base.SharedDevice instance at 0x7ffe90043e60>, <smb.base.SharedDevice instance at 0x7ffe90043ea8>, <smb.base.SharedDevice instance at 0x7ffe90043ef0>]

[jsivak]

Our server is Windows 2003 Server Standard Edition, not R2 (its also 32bit, but I'm hoping that's not important)

[lunaticitizen]

@miketeo Hmm I think we're not using any special configuration here.. I'm not sure about the server side since I'm not the admin. The client is on a different domain from the server's though, if it's relevant. If you need more logs or packet capture files I'll be happy to provide them.

[jsivak]

@miketeo One thing I noticed in my test code: I'm specifying the domain and setting use_ntlm_v2=False. So your example code should/would look like:

from smb.SMBConnection import SMBConnection

c = SMBConnection('miketeo', 'passASd3fa', 'MTTST', 'WIN2K', domain='foo', use_ntlm_v2=False)
c.connect('192.168.1.156')
print c.listShares()

See if you can run it as above and get the issue to happen.

Also, for our server, we still are using an NT4 Domain (not ActiveDirectory).

[travcunn]

I'm also running into this problem on Windows Server 2012

[jpvoodoo]

@jsivak , @lunaticitizen ,@miketeo

I used version 1.1.13 (not 1.1.12) under linux (openSuSE 13.1) and I was able to list shares. I've never tried it under any version of windows.

Here's that script again for testing the various options. Clean it up and try it for your situation.

#!/usr/bin/python

from smb import smb_structs from smb.base import SharedDevice from smb.SMBConnection import SMBConnection from nmb.NetBIOS import NetBIOS smb_structs.SUPPORT_SMB2 = False

def printConstants(username, password, my_name, remote_name, domain, ipaddress): print "" * 80 print "Things that are constant throughout the test:" print "" * 80 print "username="+username print "password="+password print "my_name=" + my_name print "remote_name="+remote_name print "domain="+domain print "ipaddress="+ipaddress

def printVariables(sign_options,use_ntlm_v2,is_direct_tcp,serverport): print "_" * 80 print "sign_options="+str(sign_options) print "use_ntlm_v2="+str(use_ntlm_v2) print "is_direct_tcp="+str(is_direct_tcp) print "serverport="+str(serverport)

#username, password, my_name, remote_name, domain='', 1 param username="jason" password="katia777" my_name="Jasix" remote_name="LS-XLF84" domain='WORKGROUP'

ipaddress="192.168.1.3" serverport=139 sign_options=0

print "Begin Testing" printConstants(username, password, my_name, remote_name, domain, ipaddress) print print print print

for so in range(0,3): sign_options=so #use_ntlm_v2=True, 2 param for lmv in range(0,2): if lmv==0: use_ntlm_v2=False else: use_ntlm_v2=True

for tcp_only in range(0,2):
#is_direct_tcp=False 2 param
  if tcp_only==0:
is_direct_tcp=False
  else:
is_direct_tcp=True
  for serv_port in range(0,2):
if serv_port==0:
  serverport=139
elif serv_port==1:
  serverport=445

printVariables(sign_options,use_ntlm_v2,is_direct_tcp,serverport)   
conn=SMBConnection(username,password,my_name,remote_name, domain , use_ntlm_v2, sign_options, is_direct_tcp)
conn.connect(ipaddress)
try:
  ShareList=conn.listShares()
  for sh in ShareList:
    print sh.name
  result="result:    WORKED"  
except smb_structs.OperationFailure, o:
  result="Result:    "+o.message

print result  


  print
  print
  print

#For every possible sign option

For each ntlm option

for each is direct_tcp option

for each serverport option

Print Stuff

[ethanmcc]

I am having the same issue using pysmb 1.1.13

[lunaticitizen]

About two weeks ago I tried using Pysmb with Python 3 and it worked well, at least I was able to see the shares on the server. So I'm wondering if compatibility is the problem here. I'll check it with your test script and tell you the result.

By the way we use CentOS 6.5 with Python 2.6.6 in our production environment here and I don't think we're gonna upgrade to Python 3 in the near future :(

[yegorich]

If using Python3 I have no problems connecting to the server and reading a file, but the same code fails in Python2.

[miketeo-citynomads]

@yegorich : can you elaborate more on the failure? Does pysmb fail with an exception, or it just returns no items?