signed smb error: SPNEGO- NTLMSSP negotiation in wrong state
2013-05-07
11:49 PM
Hi, I'm facing an error while accessing a NetApp SMB share.
The hostname length is less than 16 characters.
On the NetApp console, we observe the message below when trying to access the share:
Tue May 7 16:26:50 PDT [netappedge1stapr:auth.trace.spnegoAuthentication.statusMsg:info]: AUTH: SPNEGO- NTLMSSP negotiation in wrong state for Negotiate message..
What does this indicate, and at what point during processing of the NTLM auth packet is it hit? When is it expected?
Attaching a pcap for your kind perusal; please apply the filter (smb || smb2 && ip.addr==10.199.64.90)
I vaguely suppose it means the NTLM flags are incorrect.
4 REPLIES
In Wireshark, the Session Setup response is STATUS_NOT_SUPPORTED.
What is the LMCompatibility setting on the controller, and what are the signing settings?
cifs.LMCompatibilityLevel is 1
Can you please tell me when this "SPNEGO- NTLMSSP negotiation in wrong state" is expected?
Looking at the trace you provided, if I had to guess, this is an issue with SMB signing. My analysis is below:
frame 51 - the client, after determining in the initial neg protocol exchange that SMB2 is supported, now starts another neg protocol to determine which version of SMB2 can be used. Note the "Security Mode" of 0x02 and that "Signing Require = True but Enabled = False"
frame 53 - the controller's response; again note the security mode section of the frame: "0x03 with both Signing Required and enabled set to True"
In an SMB conversation, the last exchange of frames that can occur before SMB signing needs to be confirmed is the "Tree Connect". In your case, the conversation stops at Session Setup, which is not unexpected if SMB signing is an issue. Start by investigating SMB signing; you could start by setting the client to "Required" and re-testing.
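The SecurityMode comparison in the reply above can be reproduced offline with the following added example, which is not code from the thread or from NetApp. It decodes the field from SMB2 NEGOTIATE messages using the bit values defined in MS-SMB2. The function names and sample messages are constructed for illustration, and it assumes messages stripped of transport framing and an authenticated, non-guest session.

```python
import struct

SMB2_MAGIC = b"\xfeSMB"
SMB2_NEGOTIATE = 0x0000
FLAG_RESPONSE = 0x00000001   # SMB2_FLAGS_SERVER_TO_REDIR: set on server replies
SIGNING_ENABLED = 0x0001     # SMB2_NEGOTIATE_SIGNING_ENABLED
SIGNING_REQUIRED = 0x0002    # SMB2_NEGOTIATE_SIGNING_REQUIRED


def negotiate_security_mode(msg):
    """Decode SecurityMode from one SMB2 NEGOTIATE request or response."""
    if len(msg) < 70 or msg[:4] != SMB2_MAGIC:
        raise ValueError("not an SMB2 message")
    command, = struct.unpack_from("<H", msg, 12)
    flags, = struct.unpack_from("<I", msg, 16)
    if command != SMB2_NEGOTIATE:
        raise ValueError("not a NEGOTIATE message")
    is_response = bool(flags & FLAG_RESPONSE)
    # Request body:  StructureSize, DialectCount, SecurityMode -> body offset 4
    # Response body: StructureSize, SecurityMode               -> body offset 2
    offset = 64 + (2 if is_response else 4)
    mode, = struct.unpack_from("<H", msg, offset)
    return {
        "side": "server" if is_response else "client",
        "mode": mode,
        "enabled": bool(mode & SIGNING_ENABLED),
        "required": bool(mode & SIGNING_REQUIRED),
    }


def signing_expected(client, server):
    """In SMB2, signing is expected once either side sets the required bit."""
    return client["required"] or server["required"]


def build_negotiate(mode, response):
    """Constructed sample message: only the fields read above are populated."""
    header = bytearray(64)
    header[:4] = SMB2_MAGIC
    struct.pack_into("<H", header, 4, 64)              # header StructureSize
    struct.pack_into("<H", header, 12, SMB2_NEGOTIATE)
    struct.pack_into("<I", header, 16, FLAG_RESPONSE if response else 0)
    if response:
        body = struct.pack("<HH", 65, mode) + bytes(60)
    else:
        body = struct.pack("<HHH", 36, 1, mode) + bytes(30)
    return bytes(header) + body
```

Feeding it the two values quoted from frames 51 and 53 (0x02 and 0x03) shows both sides with the required bit set, so signed traffic is expected once Session Setup completes.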
