Bdtyktl

I have a Debian server running smbd (Debian 9.3, samba 4.5.12) and an Ubuntu 17.10 client with which I mount samba shares using the gio mount (previously gvfs-mount) commmand: gio mount smb://server/storage

As both server and client are up to date, I would expect them to negotiate mounts with SMB3, or SMB2 at the least, but if I run smbstatus on the server the mount is using NT1 (which AFAIK is SMB1):

Samba version 4.5.12-Debian

PID     Username     Group        Machine                                   Protocol Version  Encryption           Signing              

----------------------------------------------------------------------------------------------------------------------------------------

12164   darren       darren       192.168.10.86 (ipv4:192.168.10.86:34052)  NT1               -                    -                    



Service      pid     Machine       Connected at                     Encryption   Signing     

---------------------------------------------------------------------------------------------

storage      12164   192.168.10.86 Thu Dec 21 22:49:30 2017 GMT     -            -           



No locked files

If I add client min protocol = SMB3 to smb.conf, I can confirm that the change takes affect with testparm -v | grep protocol:

Load smb config files from /etc/samba/smb.conf

rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)

Processing section "[printers]"

Processing section "[home]"

Processing section "[storage]"

Loaded services file OK.

Server role: ROLE_STANDALONE



Press enter to see a dump of your service definitions



client ipc max protocol = default

client ipc min protocol = default

client max protocol = default

client min protocol = SMB3

server max protocol = SMB3

server min protocol = LANMAN1

But the output of smbstatus is the same, and the mounts are still using NT1 (have umounted and remounted). How can I force the gio mount command to use a later protocol, and why isn't it working by default?

Here is my smb.conf:

[printers]

guest ok=yes

comment=Attached printers

browseable=no

printable=yes

path=/var/spool/samba

use client driver=yes



[global]

log file=/var/log/samba/log.all

guest account=nobody

load printers=yes

obey pam restrictions=yes

socket options=TCP_NODELAY IPTOS_LOWDELAY

interfaces=br0

map to guest=Bad User

show add printer wizard=no

encrypt passwords=true

passdb backend=tdbsam

unix extensions=no

dns proxy=no

wide links=yes

printing=cups

server string=%h Miniserver

invalid users=root

workgroup = sharefamily

printcap name=cups

#syslog=0

security=user

preferred master=yes

max log size=1000

disable spoolss=Yes

bind interfaces only=yes

client min protocol = SMB3



[home]

hide dotfiles=yes

browseable=yes

writable=yes

admin users=darren

path=/home

write list=darren

hide files=/lost+found/

guest ok=no

create mask=0764

directory mask=0775

comment=Home Directories

hide special files=yes

public=no



[storage]

browseable=yes

inherit owner=yes

inherit permissions=yes

admin users=darren

write list=darren

path=/home/storage

hide files=/lost+found/

guest ok=no

comment=Common storage

read only=yes

hide special files=yes

public=no

update

Another client I tested (an iPhone app) is successfully negotiating SMB2 so it appears to be a limitation of gvfs. I found this related question that suggests it’s limited to SMB1 in order to be able to browse networks by host. Will try the suggested workaround and update accordingly.

min protocol = SMB2

NOT

client min protocol = SMB3

Got an extra word in there.