none
NetrLogonSamLogonEx request returned 'STATUS_NETWORK_SESSION_EXPIRED' RRS feed

  • Question

  • Hi

    I am running an open Likewise server against Windows Domain Controller, 2012 R2.

    While things are running fine and my windows client can do 'net use z: \\...', suddenly in the middle of a test the 'net use z: \\...' is rejected with INVALID password error.

    Capturing the network trace, I noticed that when the error was reported, the

    'NetrLogonSamLogonEx'

    # request to the DC was returned with

    'STATUS_NETWORK_SESSION_EXPIRED' error.

    I could not locate when this would happen

    From the session ID in the request, I can see that the SESSION_SETUP against the DC happened about 860 seconds ago.

    Is there a timeout for this session ? The last successful request using this session ID to the DC was about 4 minutes ago before that error was returned


    • Edited by vmittal Tuesday, February 5, 2019 4:17 PM improved
    Tuesday, February 5, 2019 4:13 PM

Answers

  • UPDATE 02/15/2019

    Likewise server MUST attempt re-authentication. Below is the reference to the section from the protocol document MS-SMB2.

    3.2.5.1.6 Handling Session Expiration

    If the Status field in the SMB2 header is STATUS_NETWORK_SESSION_EXPIRED, the client MUST attempt to reauthenticate the session that is identified by the SessionId in the SMB2 header, as specified in section 3.2.4.2.3. If the reauthentication attempt succeeds, the client MUST retry the request that failed with STATUS_NETWORK_SESSION_EXPIRED. If the reauthentication attempt fails, the client MUST fail the operation and terminate the session, as specified in section 3.2.4.23.

    Regards,
    Sreekanth Nadendla
    Microsoft Windows Open specifications

    Tuesday, January 7, 2020 6:34 PM
    Moderator

All replies

  • Hi vmittal,

    Thank you for your question.  An engineer from the protocols team will contact you soon.


    Bryan S. Burgin Senior Escalation Engineer Microsoft Protocol Open Specifications Team

    Tuesday, February 5, 2019 11:42 PM
    Moderator
  • Hi Vmittal, I will be assisting you with your issue. Can you contact me at dochelp at microsoft dot com ? I would like to analyze the traces you've collected to investigate the issue.

    Regards,
    Sreekanth Nadendla
    Microsoft Windows Open specifications

    Wednesday, February 6, 2019 7:49 PM
    Moderator
  • UPDATE 02/15/2019

    Likewise server MUST attempt re-authentication. Below is the reference to the section from the protocol document MS-SMB2.

    3.2.5.1.6 Handling Session Expiration

    If the Status field in the SMB2 header is STATUS_NETWORK_SESSION_EXPIRED, the client MUST attempt to reauthenticate the session that is identified by the SessionId in the SMB2 header, as specified in section 3.2.4.2.3. If the reauthentication attempt succeeds, the client MUST retry the request that failed with STATUS_NETWORK_SESSION_EXPIRED. If the reauthentication attempt fails, the client MUST fail the operation and terminate the session, as specified in section 3.2.4.23.

    Regards,
    Sreekanth Nadendla
    Microsoft Windows Open specifications

    Tuesday, January 7, 2020 6:34 PM
    Moderator
  • Thanks Sreekanth for this, I had forgot to close this one.

    Just for everyone to know about the root cause:

    My Domain controller had the TGS expirey set to minimum 10 minutes. And the SMB session was created 10 minutes ago so it was expiring amidst I/O

    And my SMB server was not handling SESSION_EXPIRED error properly. It didn't try to re authenticate, which lead to INVALID password error

    Wednesday, January 8, 2020 9:39 PM