STATUS_ACCESS_DENIED (0xc0000022): Could not connect to <remote server> and ERROR Signatures for packet SMB2_TREE_CONNECT with message id << # >> do not match (received: [#,#,#], calculated: [#,#,#])

Hi @hierynomus ,

One of our clients are facing an intermittent STATUS_ACCESS_DENIED issue which in turn is triggering the email for invalid packet signing error while they are using the smbj library to connect and perform certain operations to an ONTAP server. Apparently the invalid packet signing error is received in their confirgured email notification as soon as the Status_Access_Denied error reflects in the packet traces but there is no trace of it in the packet capture logs itself. Also, the team confirms that all permissions have been provided to the SAMBA Share.

Please find the application logs they are getting for the error-

19:08:31.604 09/26/2024 Worker-0 [MuleRuntime].uber.1971: [iqvia-rds-ctms-sedan-proc-1-0].iqvia-rds-ctms-sedan-proc-impl_readFiles.BLOCKING @34d9ccd DEBUG event:9c351130-7c0c-11ef-8b2a-1290d3ea35db Loading class 'com.mulesoft.connectors.smb.internal.connection.provider.SmbConnectionProvider' with 'org.mule.runtime.module.artifact.api.classloader.ChildFirstLookupStrategy@67dc5f29' on 'org.mule.runtime.module.artifact.api.classloader.RegionClassLoader[domain/default/app/iqvia-rds-ctms-sedan-proc-1-0] @453a3d17'

19:08:31.604 09/26/2024 Worker-0 [MuleRuntime].uber.1971: [iqvia-rds-ctms-sedan-proc-1-0].iqvia-rds-ctms-sedan-proc-impl_readFiles.BLOCKING @34d9ccd WARN event:9c351130-7c0c-11ef-8b2a-1290d3ea35db Cannot load class 'com.mulesoft.connectors.smb.internal.connection.provider.SmbConnectionProvider': [ Class 'com.mulesoft.connectors.smb.internal.connection.provider.SmbConnectionProvider' has no package mapping for region 'domain/default/app/iqvia-rds-ctms-sedan-proc-1-0'., Cannot load class 'com.mulesoft.connectors.smb.internal.connection.provider.SmbConnectionProvider': [ Class 'com.mulesoft.connectors.smb.internal.connection.provider.SmbConnectionProvider' has no package mapping for region '/domain/default'., Class 'com.mulesoft.connectors.smb.internal.connection.provider.SmbConnectionProvider' not found in classloader for artifact 'container'.]]

19:08:31.605 09/26/2024 Worker-0 [MuleRuntime].uber.1971: [iqvia-rds-ctms-sedan-proc-1-0].iqvia-rds-ctms-sedan-proc-impl_readFiles.BLOCKING @34d9ccd DEBUG event:9c351130-7c0c-11ef-8b2a-1290d3ea35db Removing context at location - iqvia-rds-ctms-sedan-proc-impl_readFiles/processors/4 for event - 9c351130-7c0c-11ef-8b2a-1290d3ea35db_25904938

19:08:31.606 09/26/2024 Worker-0 [MuleRuntime].uber.1971: [iqvia-rds-ctms-sedan-proc-1-0].iqvia-rds-ctms-sedan-proc-impl_readFiles.BLOCKING @34d9ccd ERROR event:9c351130-7c0c-11ef-8b2a-1290d3ea35db **** Message : STATUS_ACCESS_DENIED (0xc0000022): Could not connect to [\dccar2dnetvnasc01p-lan1.quintiles.net\IPC$](file://dccar2dnetvnasc01p-lan1.quintiles.net/IPC$) Element : iqvia-rds-ctms-sedan-proc-impl_readFiles/processors/4 @ iqvia-rds-ctms-sedan-proc-1-0:iqvia-rds-ctms-sedan-proc-impl.xml:81 (Directory List) Element DSL : </smb:directory-list> Error type : SMB:CONNECTIVITY FlowStack : at iqvia-rds-ctms-sedan-proc-impl_readFiles(iqvia-rds-ctms-sedan-proc-impl_readFiles/processors/4 @ iqvia-rds-ctms-sedan-proc-1-0:iqvia-rds-ctms-sedan-proc-impl.xml:81 (Directory List)) Payload : null Payload Type : null -------------------------------------------------------------------------------- Root Exception stack trace: org.mule.runtime.api.connection.ConnectionException: STATUS_ACCESS_DENIED (0xc0000022): Could not connect to \dccar2dnetvnasc01p-lan1.quintiles.net\IPC$ at org.mule.runtime.module.extension.internal.runtime.exception.ExceptionHandlerManager.resolveConnectionException(ExceptionHandlerManager.java:101) at org.mule.runtime.module.extension.internal.runtime.exception.ExceptionHandlerManager.handleThrowable(ExceptionHandlerManager.java:90) at org.mule.runtime.module.extension.internal.runtime.exception.ExceptionHandlerManager.process(ExceptionHandlerManager.java:75) at org.mule.runtime.module.extension.internal.runtime.operation.DefaultExecutionMediator.handleError(DefaultExecutionMediator.java:241) at org.mule.runtime.module.extension.internal.runtime.operation.DefaultExecutionMediator.access$200(DefaultExecutionMediator.java:61) at org.mule.runtime.module.extension.internal.runtime.operation.DefaultExecutionMediator$1.error(DefaultExecutionMediator.java:173) at org.mule.runtime.module.extension.internal.runtime.operation.DeferredExecutorCallback.callDelegateMethod(DeferredExecutorCallback.java:105) at org.mule.runtime.module.extension.internal.runtime.operation.DeferredExecutorCallback.close(DeferredExecutorCallback.java:97) at org.mule.runtime.module.extension.internal.runtime.operation.DefaultExecutionMediator.execute(DefaultExecutionMediator.java:128) at org.mule.runtime.module.extension.internal.runtime.operation.ComponentMessageProcessor.executeOperation(ComponentMessageProcessor.java:575) at org.mule.runtime.module.extension.internal.runtime.operation.ComponentMessageProcessor.prepareAndExecuteOperation(ComponentMessageProcessor.java:802) at org.mule.runtime.module.extension.internal.runtime.operation.ComponentMessageProcessor.access$100(ComponentMessageProcessor.java:197) at org.mule.runtime.module.extension.internal.runtime.operation.ComponentMessageProcessor$4.lambda$innerEventDispatcher$6(ComponentMessageProcessor.java:660) at reactor.core.publisher.FluxPeekFuseable$PeekFuseableConditionalSubscriber.onNext(FluxPeekFuseable.java:482) at reactor.core.publisher.FluxPeekFuseable$PeekFuseableConditionalSubscriber.onNext(FluxPeekFuseable.java:496) at reactor.core.publisher.FluxContextStart$ContextStartSubscriber.onNext(FluxContextStart.java:103) at reactor.core.publisher.FluxCreate$BufferAsyncSink.drain(FluxCreate.java:793) at reactor.core.publisher.FluxCreate$BufferAsyncSink.next(FluxCreate.java:718) at reactor.core.publisher.FluxCreate$SerializedSink.next(FluxCreate.java:153) at org.mule.runtime.module.extension.internal.runtime.operation.ComponentMessageProcessor.lambda$onEvent$13(ComponentMessageProcessor.java:443) at org.mule.runtime.core.internal.policy.DefaultPolicyManager.lambda$static$0(DefaultPolicyManager.java:85) at org.mule.runtime.module.extension.internal.runtime.operation.ComponentMessageProcessor.onEvent(ComponentMessageProcessor.java:454) at org.mule.runtime.module.extension.internal.runtime.operation.ComponentMessageProcessor.lambda$null$6(ComponentMessageProcessor.java:395) at reactor.core.publisher.FluxPeekFuseable$PeekFuseableConditionalSubscriber.onNext(FluxPeekFuseable.java:482) at reactor.core.publisher.FluxMapFuseable$MapFuseableConditionalSubscriber.onNext(FluxMapFuseable.java:287) at reactor.core.publisher.FluxPeekFuseable$PeekFuseableConditionalSubscriber.onNext(FluxPeekFuseable.java:496) at org.mule.runtime.core.privileged.processor.chain.AbstractMessageProcessorChain$2.onNext(AbstractMessageProcessorChain.java:485) at org.mule.runtime.core.privileged.processor.chain.AbstractMessageProcessorChain$2.onNext(AbstractMessageProcessorChain.java:480) at reactor.core.publisher.FluxHide$SuppressFuseableSubscriber.onNext(FluxHide.java:127) at reactor.core.publisher.FluxPeekFuseable$PeekFuseableSubscriber.onNext(FluxPeekFuseable.java:204) at reactor.core.publisher.FluxOnAssembly$OnAssemblySubscriber.onNext(FluxOnAssembly.java:351) at reactor.core.publisher.FluxPeekFuseable$PeekFuseableSubscriber.onNext(FluxPeekFuseable.java:204) at reactor.core.publisher.FluxContextStart$ContextStartSubscriber.onNext(FluxContextStart.java:103) at reactor.core.publisher.FluxContextStart$ContextStartSubscriber.onNext(FluxContextStart.java:103) at reactor.core.publisher.FluxMap$MapConditionalSubscriber.onNext(FluxMap.java:213) at reactor.core.publisher.MonoFlatMapMany$FlatMapManyInner.onNext(MonoFlatMapMany.java:242) at reactor.core.publisher.FluxFlatMap$FlatMapMain.tryEmit(FluxFlatMap.java:537) at reactor.core.publisher.FluxFlatMap$FlatMapInner.onNext(FluxFlatMap.java:999) at reactor.core.publisher.FluxContextStart$ContextStartSubscriber.onNext(FluxContextStart.java:103) at reactor.core.publisher.MonoNext$NextSubscriber.onNext(MonoNext.java:76) at org.mule.runtime.core.privileged.processor.chain.AbstractMessageProcessorChain$2.onNext(AbstractMessageProcessorChain.java:485) at org.mule.runtime.core.privileged.processor.chain.AbstractMessageProcessorChain$2.onNext(AbstractMessageProcessorChain.java:480) at reactor.core.publisher.MonoFlatMapMany$FlatMapManyInner.onNext(MonoFlatMapMany.java:242) at reactor.core.publisher.FluxPeek$PeekSubscriber.onNext(FluxPeek.java:192) at reactor.core.publisher.FluxPeek$PeekSubscriber.onNext(FluxPeek.java:192) at reactor.core.publisher.FluxMap$MapSubscriber.onNext(FluxMap.java:114) at reactor.core.publisher.FluxPeek$PeekSubscriber.onNext(FluxPeek.java:192) at reactor.core.publisher.MonoFlatMapMany$FlatMapManyInner.onNext(MonoFlatMapMany.java:242) at reactor.core.publisher.FluxPeekFuseable$PeekFuseableSubscriber.onNext(FluxPeekFuseable.java:204) at reactor.core.publisher.FluxPeekFuseable$PeekFuseableSubscriber.onNext(FluxPeekFuseable.java:204) at reactor.core.publisher.FluxContextStart$ContextStartSubscriber.onNext(FluxContextStart.java:103) at reactor.core.publisher.FluxCreate$BufferAsyncSink.drain(FluxCreate.java:793) at reactor.core.publisher.FluxCreate$BufferAsyncSink.next(FluxCreate.java:718) at reactor.core.publisher.FluxCreate$SerializedSink.next(FluxCreate.java:153) at org.mule.runtime.core.internal.rx.FluxSinkRecorder$DirectDelegate.next(FluxSinkRecorder.java:196) at org.mule.runtime.core.internal.rx.FluxSinkRecorder.next(FluxSinkRecorder.java:68) at org.mule.runtime.module.extension.internal.runtime.operation.ComponentMessageProcessor$1.complete(ComponentMessageProcessor.java:388) at org.mule.runtime.module.extension.internal.runtime.operation.ComponentMessageProcessor$3.complete(ComponentMessageProcessor.java:538) at org.mule.runtime.module.extension.internal.runtime.operation.DefaultExecutionMediator$1.complete(DefaultExecutionMediator.java:160) at org.mule.runtime.module.extension.internal.runtime.operation.DeferredExecutorCallback.callDelegateMethod(DeferredExecutorCallback.java:108) at org.mule.runtime.module.extension.internal.runtime.operation.DeferredExecutorCallback.close(DeferredExecutorCallback.java:97) at org.mule.runtime.module.extension.internal.runtime.operation.DefaultExecutionMediator.execute(DefaultExecutionMediator.java:128) at org.mule.runtime.module.extension.internal.runtime.operation.ComponentMessageProcessor.executeOperation(ComponentMessageProcessor.java:575) at org.mule.runtime.module.extension.internal.runtime.operation.ComponentMessageProcessor.prepareAndExecuteOperation(ComponentMessageProcessor.java:802) at org.mule.runtime.module.extension.internal.runtime.operation.ComponentMessageProcessor.lambda$onEventSynchronous$16(ComponentMessageProcessor.java:477) at org.mule.runtime.module.extension.internal.runtime.operation.ComponentMessageProcessor.onEventSynchronous(ComponentMessageProcessor.java:484) at org.mule.runtime.module.extension.internal.runtime.operation.ComponentMessageProcessor.lambda$null$6(ComponentMessageProcessor.java:393) at reactor.core.publisher.FluxPeekFuseable$PeekFuseableConditionalSubscriber.onNext(FluxPeekFuseable.java:482) at reactor.core.publisher.FluxMapFuseable$MapFuseableConditionalSubscriber.onNext(FluxMapFuseable.java:287) at reactor.core.publisher.FluxPeekFuseable$PeekFuseableConditionalSubscriber.onNext(FluxPeekFuseable.java:496) at org.mule.runtime.core.privileged.processor.chain.AbstractMessageProcessorChain$2.onNext(AbstractMessageProcessorChain.java:485) at org.mule.runtime.core.privileged.processor.chain.AbstractMessageProcessorChain$2.onNext(AbstractMessageProcessorChain.java:480) at reactor.core.publisher.FluxHide$SuppressFuseableSubscriber.onNext(FluxHide.java:127) at reactor.core.publisher.FluxPeekFuseable$PeekFuseableSubscriber.onNext(FluxPeekFuseable.java:204) at reactor.core.publisher.FluxOnAssembly$OnAssemblySubscriber.onNext(FluxOnAssembly.java:351) at reactor.core.publisher.FluxSubscribeOnValue$ScheduledScalar.run(FluxSubscribeOnValue.java:178) at reactor.core.scheduler.SchedulerTask.call(SchedulerTask.java:50) at reactor.core.scheduler.SchedulerTask.call(SchedulerTask.java:27) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at org.mule.service.scheduler.internal.AbstractRunnableFutureDecorator.doRun(AbstractRunnableFutureDecorator.java:152) at org.mule.service.scheduler.internal.RunnableFutureDecorator.run(RunnableFutureDecorator.java:54) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread.java:750) ****

Below is the email notification received for packet signature invalid error -

18:23:17.301 09/18/2024 Worker-0 [MuleRuntime].uber.5554: [iqvia-rds-ctms-sedan-proc-1-0].calling_sedan_sys_api.BLOCKING @9b03fda INFO event:e9262f70-75bc-11ef-9cc8-0e358d7f53d1 Attempting to resolve \dccar2dnetvnasc01p-lan1.quintiles.net\Common through DFS

18:23:17.301 09/18/2024 Worker-0 [MuleRuntime].uber.5554: [iqvia-rds-ctms-sedan-proc-1-0].calling_sedan_sys_api.BLOCKING @9b03fda INFO event:e9262f70-75bc-11ef-9cc8-0e358d7f53d1 Starting DFS resolution for \dccar2dnetvnasc01p-lan1.quintiles.net\Common

18:23:17.301 09/18/2024 Worker-0 [MuleRuntime].uber.5554: [iqvia-rds-ctms-sedan-proc-1-0].calling_sedan_sys_api.BLOCKING @9b03fda INFO event:e9262f70-75bc-11ef-9cc8-0e358d7f53d1 Connecting to \dccar2dnetvnasc01p-lan1.quintiles.net\IPC$ on session -3760224213467715395

18:23:17.309 09/18/2024 Worker-0 Packet Reader for dccar2dnetvnasc01p-lan1.quintiles.net ERROR Signatures for packet SMB2_TREE_CONNECT with message id << 1295434 >> do not match (received: [-23, 14, 77, -4, -68, 103, -24, 27, 125, 97, 85, 100, -61, -77, -109, -58], calculated: [-4, 10, 68, -98, -69, -48, -118, -51, 10, 106, 76, 21, 85, 27, -62, 103, 46, -84, -41, -96, 56, 7, 27, -24, 66, 13, 18, 31, -75, -43, -37, 68])

18:23:17.309 09/18/2024 Worker-0 Packet Reader for dccar2dnetvnasc01p-lan1.quintiles.net ERROR Packet SMB2_TREE_CONNECT with message id << 1295434 >> has header: dialect=null, creditCharge=1, creditRequest=0, creditResponse=1, message=SMB2_TREE_CONNECT, messageId=1295434, asyncId=0, sessionId=-3760224213467715395, treeId=0, status=0xc0000022, flags=9, nextCommandOffset=0

18:23:17.309 09/18/2024 Worker-0 Packet Reader for dccar2dnetvnasc01p-lan1.quintiles.net WARN Invalid packet signature for packet SMB2_TREE_CONNECT with message id << 1295434 >>

18:23:17.309 09/18/2024 Worker-0 [MuleRuntime].uber.5554: [iqvia-rds-ctms-sedan-proc-1-0].calling_sedan_sys_api.BLOCKING @9b03fda INFO event:e9262f70-75bc-11ef-9cc8-0e358d7f53d1 Attempting to resolve \dccar2dnetvnasc01p-lan1.quintiles.net\IPC$ through DFS

18:23:17.309 09/18/2024 Worker-0 [MuleRuntime].uber.5554: [iqvia-rds-ctms-sedan-proc-1-0].calling_sedan_sys_api.BLOCKING @9b03fda INFO event:e9262f70-75bc-11ef-9cc8-0e358d7f53d1 Starting DFS resolution for \dccar2dnetvnasc01p-lan1.quintiles.net\IPC$

18:23:17.310 09/18/2024 Worker-0 [MuleRuntime].uber.5554: [iqvia-rds-ctms-sedan-proc-1-0].calling_sedan_sys_api.BLOCKING @9b03fda ERROR event:e9262f70-75bc-11ef-9cc8-0e358d7f53d1 Error while establishing connection STATUS_ACCESS_DENIED (0xc0000022): Could not connect to \dccar2dnetvnasc01p-lan1.quintiles.net\IPC$ org.mule.runtime.api.connection.ConnectionException: STATUS_ACCESS_DENIED (0xc0000022): Could not connect to \dccar2dnetvnasc01p-lan1.quintiles.net\IPC$ at com.mulesoft.connectors.smb.internal.connection.SmbConnection.(SmbConnection.java:99)

can you please look into this issue. Thanks!

hierynomus / smbj

STATUS_ACCESS_DENIED (0xc0000022): Could not connect to <remote server> and ERROR Signatures for packet SMB2_TREE_CONNECT with message id << # >> do not match (received: [#,#,#], calculated: [#,#,#]) #845