I am absolutely new to checkmk and I am trying to setup a CIFS mountpoint, but I can’t get it to work.
What I did so far:
On our Synology NAS I created a shared folder and a user with read and write permission on said folder. This is also the user I entered in the mount management configuration GUI. Since we do not have a Windows domain, I chose “No Windows domain authentication”. I entered the IP address of the NAS and the path of the shared folder.
When I try to mount it, the checkmk logs show the following error:
Jun 11 13:16:15 cma kernel: [74506.689018] CIFS VFS: cifs_mount failed w/return code = -13
Jun 11 13:16:15 cma kernel: [74506.688507] CIFS VFS: Send error in SessSetup = -13
Jun 11 13:16:15 cma kernel: [74506.688498] Status code returned 0xc000006d NT_STATUS_LOGON_FAILURE
I can mount the share on my Windows PC without any issue, so I guess I am missing a probably small but important point in the checkmk config. I double/triple checked the user and entered credentials, and they are correct.
Additionally, I am unsure about the role of the workgroup here. The NAS is member of a workgroup and I am not specifying this in the mount management.
Also, I tried to connect with the admin account of the NAS, which also did not work.
What am I missing?
any hint is greatly appreciated!
Not sure what this has to do with CheckMK, but I’ll give it a go. A -13 error typically means authentication failure. But it doesn’t necessarily means that your credentials are wrong.
Depending on the version of CIFS your NAS is running your may want to extend your mount command with something like vers=1 (or 2 or 3), to force a certain version of the CIFS protocol to be used.
Also you may want to play around with the password hashing protocol. You can add it to your mount command using sec=
And then for sec you can use any of these values:
none - attempt to connection as a null user (no name)
krb5 - Use Kerberos version 5 authentication
krb5i - Use Kerberos authentication and forcibly enable packet signing
ntlm - Use NTLM password hashing
ntlmi - Use NTLM password hashing and force packet signing
ntlmv2 - Use NTLMv2 password hashing
ntlmv2i - Use NTLMv2 password hashing and force packet signing
ntlmssp - Use NTLMv2 password hashing encapsulated in Raw NTLMSSP message
ntlmsspi - Use NTLMv2 password hashing encapsulated in Raw NTLMSSP message, and force packet signing
My best guess is that either sec=ntlm or sec=ntlmssp should work.
So your mount command should end up looking something like this:
mount -t cifs -o vers=2,sec=ntlmv2,domain=MYDOMAIN,username=myusername,password=mypassword //<NAS>/myshare/ /mnt/myshare