Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

install Filesys::SmbClient (Filesys/SmbClient)

https://support.nagios.com/forum/viewtopic.php?t=44096

Page 2 of 3

Re: install Filesys::SmbClient (Filesys/SmbClient)

Posted: Wed May 31, 2017 1:22 pm
by tgriep
Try adding the Active Directory domain to the username and see if that fixes the issue.
For the username, use the following format

Code: Select all

domain/username
Let us know if it works.

Re: install Filesys::SmbClient (Filesys/SmbClient)

Posted: Wed May 31, 2017 1:36 pm
by SavaSC
I already have it set it up that way. I have tried it with both "/" & "\". I have tried without the domain as well. Nothing seems to be working.

I can't help but think there is something I have wrong on the Windows server but I have no idea of what it might be.

Re: install Filesys::SmbClient (Filesys/SmbClient)

Posted: Wed May 31, 2017 1:48 pm
by SteveBeauchemin
I believe the maintainer of that module may have abandoned it. I may be wrong. No updates since 2013? No samba 4 compatibility. On my RH 7 system, I took a different route.

in the file here:

Code: Select all

/usr/local/nagios/libexec/utils.pm
I needed to populate the variable:

Code: Select all

$PATH_TO_SMBCLIENT = "/usr/bin/smbclient" ;
Once that was in place, I was able to use a different syntax in the plugin.
At the top of the perl plugin:

Code: Select all

use lib "/usr/local/nagios/libexec";
Then, in the plugin I moved from syntax like this:

Code: Select all

    # Write test
    print "Write test starting\n" if $DEBUG;
    $startwrite = Time::HiRes::time();
    $fd = $smb->open(">$filename", 0666)
      or print "Can't create file:", $!, "\n";
    if($fd) {
      for ($count = 500; $count >= 1; $count--) {
        $smb->write($fd, "Nagios write test Nagios write test Nagios write test at " . $startwrite . " - " . $count . "\n");
      }
      $smb->close($fd);
      $writetime = sprintf("%.3f",Time::HiRes::time()-$startwrite);
      $output .= " write at ${writetime}s";
    } else {
      $errorcode = $ERRORS{'CRITICAL'};
      $output .= " write fail";
    }
to syntax like this:

Code: Select all

  # Write test
  print "Write test starting\n" if $DEBUG;
  # create the file
  $fd = open(my $fh, '>', $filename);
  # populate the file
  if($fd) {
    for ($count = 500; $count >= 1; $count--) {
      print $fh "Nagios write test Nagios write test Nagios write test at " . $startwrite . " - " . $count . "\n";
    }
    close($fh);
    $command = "put $filename ${opt_F}";
    # put the file on the remote share
    $startwrite = Time::HiRes::time();
    qx/$smbclient '\/\/$opt_H\/$opt_R' $opt_P -W $opt_D -U $opt_U -c "$command" 2> \/dev\/null/;
    my $writetatus = $?; # should be 0

    # analyze error code
    if ($writetatus == 0) {
      $errorcode = $ERRORS{'OK'} if $errorcode < $ERRORS{'OK'};
      $writetime = sprintf("%.3f",Time::HiRes::time()-$startwrite);
      $output .= " write at ${writetime}s";
    } else {
      $errorcode = $ERRORS{'CRITICAL'};
      $output .= " write fail";
    }
  }
I did prefer using the perl module. But moving forward, this is better for me. I am not going to revert to Samba 3 just for this perl module.

I am sure you can find other plugins doing the same test. Or roll your own which is way more fun.

Good Luck!

Steve B

Re: install Filesys::SmbClient (Filesys/SmbClient)

Posted: Wed May 31, 2017 2:07 pm
by tgriep
Thanks@Steve B for the help.

Another thing I found that could cause that error is that SMB1.0 is deprecated in Windows 2012R2 and the plugins need that to function.

Re: install Filesys::SmbClient (Filesys/SmbClient)

Posted: Wed May 31, 2017 2:31 pm
by SavaSC
tgriep wrote:Another thing I found that could cause that error is that SMB1.0 is deprecated in Windows 2012R2 and the plugins need that to function.
Ah! I just remembered that we had to turn off SMB1 off on that server. OK, that explains that. You said "plugins" - as in plural. Do you mean that there are no plugins that will work with SMB2 or 3?

Re: install Filesys::SmbClient (Filesys/SmbClient)

Posted: Wed May 31, 2017 4:54 pm
by tgriep
I did a quick search and did not find a plugin that says it works with SMB 2.0 or 3.0.
Take a look at the exchange site and see if you can find one or just search the internet for one.
https://exchange.nagios.org/

Re: install Filesys::SmbClient (Filesys/SmbClient)

Posted: Wed May 31, 2017 4:55 pm
by avandemore
One option writing a plugin using something list smbclient which can list off the shares on a host.

Code: Select all

smbclient -L
Wrap that in plugin logic found here:
https://nagios-plugins.org/doc/guidelines.html
https://mathias-kettner.de/checkmk_localchecks.html
http://www.yourownlinux.com/2014/06/how ... cript.html

VoilĂ , insta-plugin.

Re: install Filesys::SmbClient (Filesys/SmbClient)

Posted: Thu Jun 01, 2017 2:51 pm
by SteveBeauchemin
okay... ignore my previous post and the data. You are already Not using the perl module.

The script you are using requires smbclient.

Here is command line syntax that uses the AD Domain name, which I have to use or I get fails. Transplant into your script once you get the syntax that works for you.

Code: Select all

smbclient -L "host" -U"user"%"password" -W "domain-or-workgroup"
Also, I was able to get the same failure message you have - I forced it by choosing SMB1, SMB2, or SMB3 - like this:

Code: Select all

smbclient -L "host" -U"user"%"password" -W "domain-or-workgroup" -m SMB3
in the response I see "protocol negotiation failed: NT_STATUS_CONNECTION_DISCONNECTED"
When I use SMB1 or SMB2 I get different responses.

So, try the -W domain and try the -m protocol. Those may be the final piece for you. Never give up...

Code: Select all

man smbclient
       -W|--workgroup=domain
           Set the SMB domain of the username. This overrides the default domain which is the domain defined in smb.conf. If the
           domain specified is the same as the servers NetBIOS name, it causes the client to log on using the servers local SAM (as
           opposed to the Domain SAM).
       -m|--max-protocol protocol
           This allows the user to select the highest SMB protocol level that smbclient will use to connect to the server. By default
           this is set to NT1, which is the highest available SMB1 protocol. To connect using SMB2 or SMB3 protocol, use the strings
           SMB2 or SMB3 respectively. Note that to connect to a Windows 2012 server with encrypted transport selecting a max-protocol
           of SMB3 is required.
Good Luck.
Steve B

Re: install Filesys::SmbClient (Filesys/SmbClient)

Posted: Thu Jun 01, 2017 4:10 pm
by dwhitfield
Thanks Steve!

OP, let us know if you have any more questions!

Re: install Filesys::SmbClient (Filesys/SmbClient)

Posted: Tue Jun 06, 2017 12:22 pm
by SavaSC
Thanks for all of the information! Sorry it has taken me so long to get back with you.

First, I grabbed another plugin that was a little more of what I needed (check_smb_share_AA) and modified it a bit to do more (I thought) of what I wanted it to do. I named it check_windows_share. Here is the code for that plugin:

Code: Select all

EVISION=1.1
PROGNAME=`/bin/basename $0`
PROGPATH=`echo $0 | /bin/sed -e 's,[\\/][^\\/][^\\/]*$,,'`

ACCESS_DENIED='NT_STATUS_ACCESS_DENIED'
LOGON_DENIED='NT_STATUS_LOGON_FAILURE'

logon_state=0
acces_state=0

. $PROGPATH/utils.sh

usage () {
    echo "\
Nagios plugin to check Windows share

Usage:
  $PROGNAME -H <host> -U USERNAME -P PASSWORD -D DOMAIN/WORKGROP -S SHARE
  $PROGNAME --help
  $PROGNAME --version
"
}

help () {
    print_revision $PROGNAME $REVISION
    echo; usage; echo; support
}

if [ $# -lt 1 ] || [ $# -gt 6 ]; then
    usage
    exit $STATE_UNKNOWN
fi

while test -n "$1"; do
    case "$1" in
	--help | -h)
	    help
	    exit $STATE_OK;;
	--version | -V)
	    print_revision $PROGNAME $REVISION
	    exit $STATE_OK;;
	-H)
	    shift
	    host=$1;;
	-U)
	    shift
	    usr=$1;;
	-P)
		shift
		pass=$1;;
	-D)
		shift
		domain=$1;;
	-S)
	    shift
	    share=$1;;
	*)
	    usage; exit $STATE_UNKNOWN;;
    esac
    shift
done

stdout=$(smbclient //$host/$share -U "$usr"%"pass" -W $domain -m SMB3 -c dir 2>&1)


logon_state=$(echo $stdout | grep $LOGON_DENIED | wc -l)
acces_state=$(echo $stdout | grep $ACCESS_DENIED | wc -l)
share_state=$(echo "$stdout" | wc -l)

if [ $logon_state -eq 1 ]; then
    echo "CRITICAL Authentication problem : Check USER/PWD config"
    exit $STATE_CRITICAL
fi

if [ $acces_state -eq 1 ]; then
    echo "CRITICAL Authorization problem : Access denied"
    exit $STATE_CRITICAL
fi

if [[ $acces_state -eq 0 && $logon_state -eq 0 && $share_state -gt 3 ]]; then
    echo "OK Share : $share"
    exit $STATE_OK
fi

    echo "Unknown state : $share"
    exit $STATE_UNKNOWN
I then created a command (also called check_windows_share) with this command line:

Code: Select all

$USER1$/check_windows_share -H $HOSTNAME$ -U $ARG1$ -P $ARG2$ -D $ARG3$ -S $ARG4$ $ARG5$
When I run the following, it works fine. I get a list of items in the share.

Code: Select all

smbclient //servername/sharename -U username%password -W domain -m SMB3 -c dir
However, when I run this command, it tells me "No such file or directory"

Code: Select all

$USER1$/check_windows_share -H servername -U username -P password -D domain -S sharename
I'm sure there is a problem in my plugin, but I can't figure out what. Can you please take a look and see what I've messed up?

Thanks so much!
All times are UTC-05:00
Page 2 of 3

Powered by phpBB® Forum Software © phpBB Limited