# Samba: problem connecting to a DFS share using smbclient

## equaeghe

I have a problem connecting to a DFS share using `smbclient`. It does work using `mount -t cifs`.

Namely, when I do

```
sudo mount -t cifs //<dfs-url>/<service> ~/mountpoint/ -o username=<username>
```

things work perfectly. However, doing

```
smbclient //<dfs-url>/<service> -U <username> -W <workgroup>

Enter <username>'s password: 

Domain=[<domain>] OS=[Windows Server 2012 R2 Datacenter 9600] Server=[Windows Server 2012 R2 Datacenter 6.3]

tree connect failed: NT_STATUS_BAD_NETWORK_NAME
```

I would expect that if I can connect using a cifs mount, I should be able to connect using smbclient.

Am I doing something wrong with the smbclient invokation?

Has anbody managed to connect to a DFS share using smbclient?

----------

## twalter

Couple of questions:

1) Is this Samba4?  If so, which version?  They have a couple on the go.

2) Wasn't the smbclient Samba3 based?  It may use the old codebase for it's functions even in the Samba4 ebuild.

I seem to recall having to disable DFS to make my GPOs work, FWIW.  There may yet be some missing functionality.

----------

## equaeghe

 *twalter wrote:*   

> 1) Is this Samba4?  If so, which version?  They have a couple on the go.
> 
> 2) Wasn't the smbclient Samba3 based?  It may use the old codebase for it's functions even in the Samba4 ebuild.

 

1) 4.2.14 (testing, because stable 4.2.11 does not contain some fixes I need)

2) Perhaps, but on the net, there is plenty of mention smbclient being able to connect to DFS shares; it's usually cifs-mounting that people encounter issues with.

----------

## twalter

Does the smb client support the same security protocols ?

----------

## equaeghe

 *twalter wrote:*   

> Does the smb client support the same security protocols ?

 

I don't know, but seriously doubt that that is the problem, given the error message.

----------

## twalter

You'd be surprised.  Kerberos resolves separately in its own way (realm-based) from the transport.  If auth fails, it could show as a connect fail that presents that way. (https://msdn.microsoft.com/en-us/library/cc246774.aspx) 

Are you able to get a Wireshark trace to compare with the successful connection?  That would clearly show how far it gets before failure.

----------

