Forum Discussion
Windows smb client and Zone.Identifier (WSL) authentication problem
hi together,
we have an import process which import data from a csv file from a nas. I have change the nas server (from old to new server) and activate smb logging.
Now i can see the following problems.
We have on the nas a local user for application access and on the windows client side a other local user too (different names).
Client machine is windows version 1809 build 17763.6414 (windows 10 enterprise ltsc).
1. problem - wrong Authentication Data for writing "Zone.Identifier"
We configred the authentication data in the import process and the process used this data for access to the csv files.
But it looks like that windows meta data process don't use this authentication data.
I saw in tcpdump pcap file 4 smb sessions. First and secound smb sessions use the authentication data for the access to the 2 csv files.
The third smb session use no authentication data. so that the access don't work. Whatevery windows in the third smd session will doing.
The fourth smd session use a mix of source maschine name und destination user, which is not correct.
I add read/write access for everbody, so that i can see, what is doing in the fourth session. Windows will writing/access to the Zone.Identifier file.
1. smb session: User: <nas>.<domain>\<nas_user>
2. smb session: User: <nas>.<domain>\<nas_user>
3. smb session: User: \
4. smb session: User: <client machine name>\<nas_user>
2. problem - ignore "Do not preserve zone information in file attachments" setting
now i activate this setting, so preventing writing of this kind of informations/files. But the windows client ignoring it. I have reboot the windows client and repeat the import process and windows tried to writing the zone information again.
I change the setting about the following way.
admin: gpedit.msc -> User Configuration > Administrative Templates > Windows Components > Attachment Manager and than enable the policy named "Do not preserve zone information in file attachments".
Is this a know issue or hae sameone any idea? I would prevent the 3. and 4. smd session, so the access for the meta data proccesses.
best regards
Christian Voigt
3 Replies
Hello..
We configure credentials for two SMB shares/sessions in our application. Not for three or four SMB sessions. So, all the required data is available. Accessing the data works fine. I suspect the problem is with Windows and its file management.
So, the credentials are correct, and Windows isn't saving them.
Please tell me where I can check the saved sessions. I've searched, but I haven't found any saved session data. I've checked the output of "net use."
Peppen It looks like Windows isn't saving the credentials. And the credentials aren't different. They're the same IP address, username, and password, but the URL is different.
The SMB share is only readable by this user.
Best regards
Christian Voigt
Windows can reuse SMB sessions, but if credentials differ or are missing, sessions can fall back to anonymous or default credentials, causing the observed behavior.
Make sure all SMB sessions are authenticated with the correct credentials, and clear existing sessions before starting.
