Closed rabejens closed 1 year ago
While CSI Proxy makes the mount on behalf of the CSI Driver you should make sure that the Windows host can do this first, from the error: New-SmbGlobalMapping : Network access is denied
it looks like running this powershell command itself fails in the host.
Have you tried to do the mount manually? There are troubleshooting steps for the error "Network access is denied" here https://learn.microsoft.com/en-us/answers/questions/1052608/denied-access-to-network-drive
Indeed mounting manually fails, too.
I logged in as NT AUTHORITY\SYSTEM
using from an elevated powershell:
C:\pstools\PsExec.exe -i -s powershell.exe
then doing:
$creds = Get-Credential
Entered my credentials (prefixing the user with localhost\
).
Then did:
New-SmbGlobalMapping -RemotePath \\myserver\myshare -Credential $creds -RequirePrivacy $true
and I am receiving the same "Network access is denied" error.
There is another similar issue posted in the csi-driver-smb project, and they managed to get it working by turning on SMB encryption. However, I cannot reconfigure the server I am trying to access. Is it somehow possible to connect to this "insecure" server?
Note that I have to use vers=2.0
to make it work on Linux.
Just a quick followup: Indeed the problem was that SMB 3.0 wasn't enabled.
I obtained the admin credentials for the NAS I am using, and turned on SMB 3 and encryption for the share, now it works.
What happened:
Mounting fails with "Network access is denied"
What you expected to happen:
Mount succeeds
How to reproduce it:
Anything else we need to know?:
It works on Windows and the share mounts OK
Environment:
kubectl version
): 1.25.6