The article written in it, it is focusing on how to solve error message where the error message itself is negotiation failed: NT_STATUS_CONNECTION_RESET upon connecting to share folder using smbclient protocol. As we already know from the manual page of smbclient, it is a tool which is part of the samba suite. Furthermore, from the manual of smbclient, it is declared that basically, smbclient is a client that can ‘talk’ to an SMB/CIFS server. It offers an interface similar to that of the ftp program. Operations include things like getting files from the server to the local machine, putting files from the local machine to the server, retrieving directory information from the server and so on.
The following command is the command which is normally executed successfully :
smbclient -L //xxx.xxx.xxx.xxx/ -Uuser_name
or it can be executed as the following pattern :
smbclient -L //xxx.xxx.xxx.xxx/ -U user_name
Description : smbclient : it is an ftp-like client to access SMB/CIFS resources on servers -L : it is an additional parameter for the smbclient tool command which is used to list (-L : --list) and allows the user typed the command to look at what services are available on a server. -U : it sets the SMB username or username and password which is used to connect to the SMB/CIFS resources on the server. If %password is not specified, the user will be prompted. Based on the manual, the client will first check the USER environment variable and then the LOGNAME variable and if either exists, the string is uppercased. If these environmental variables are not found, the username GUEST is used.
The command executed can be shown as follow which is given as an example :
user@hostname:~$ smbclient -L //xxx.xxx.xxx.xxx -U Administrator WARNING: The "syslog" option is deprecated Enter Administrator's password: OS=[Windows 5.1] Server=[Windows 2000 LAN Manager] Sharename Type Comment --------- ---- ------- IPC$ IPC Remote IPC share Disk ADMIN$ Disk Remote Admin C$ Disk Default share Connection to xxx.xxx.xxx.xxx failed (Error NT_STATUS_RESOURCE_NAME_NOT_FOUND) NetBIOS over TCP disabled -- no workgroup available user@hostname:~$
Normally, the command can be executed if SMBv1 is enabled. But if it is being disabled, the following error will appear :
negotiation failed: NT_STATUS_CONNECTION_RESET.
So, in order to solve the problem generated as shown in the above error generated, the command execution must be modified and it is executed as shown as the following command pattern :
smbclient -L //xxx.xxx.xxx.xxx/ -U user_name -m SMB2
So, after the command is being modified as shown in the above command pattern, below is the command execution :
user@hostname:~$ smbclient -L //xxx.xxx.xxx.xxx -U Administrator -m SMB2 WARNING: The "syslog" option is deprecated Enter Administrator's password: OS=[Windows 5.1] Server=[Windows 2000 LAN Manager] Sharename Type Comment --------- ---- ------- IPC$ IPC Remote IPC share Disk ADMIN$ Disk Remote Admin C$ Disk Default share Connection to xxx.xxx.xxx.xxx failed (Error NT_STATUS_RESOURCE_NAME_NOT_FOUND) NetBIOS over TCP disabled -- no workgroup available user@hostname:~$
So, by adding the additional parameter -m SMB2, it specifies the connection performed is using protocol SMB version 2. Based on the manual of smbclient, the additional parameter -m which stands for –max-protocol is a parameter that allows the user to select the highest SMB protocol level that smbclient will use to connect to the server. By default this is set to NT1, which is the highest available SMB1 protocol. To connect using SMB2 or SMB3 protocol, use the strings SMB2 or SMB3 respectively. Note that to connect to a Windows 2012 server with encrypted transport selecting a max-protocol of SMB3 is required.