encrypt passwords = yes
Gerald Carter
gcarter at valinux.com
Fri Aug 10 14:59:05 GMT 2001
On Tue, 7 Aug 2001, Rafal Szczesniak wrote:
>
>
> On Tue, 7 Aug 2001, Gerald Carter wrote:
>
> > On Tue, 7 Aug 2001, Rafal Szczesniak wrote:
> >
> > > I've observed the following situation:
> > > Explicitly setting encrypted passwords to "yes" makes smbd
> > > using NT password hash and authentication works fine. When I
> > > comment "encrypted passwords" out, smbd checks password
> > > against Lanman hash and everytime authentication fails
> >
> > No. 'encrypt passwords = no' checks against /etc/passwd.
> > My guess is that ytou are using MD5 passwords in /etc/shadow
> > and didn't enable --with-pam when compiling (or did not
> > create /etc/pam.d/samba)
>
> So, the log message 'Defaulting to Lanman password for XYZ'
> means that smbd is checking my password hash against Lanman
> hash in smbpasswd(5) or /etc/shadow ?
> If I leave smb.conf(5) without "encrypt passwords" then it
> should be set (by smbd run-time) to "yes". What is the
> default hash the smbd uses then ?
No that would mean that the client is sending the password
hash. 'encrypt passwords' defaults to no.
I'm confused. Can we back up? So with 'encrypt passwords
= no' you are still getting the 'Defaulting to Lanman password
for XYZ' in the log? What client is this?
cheers, jerry
---------------------------------------------------------------------
www.valinux.com VA Linux Systems gcarter_at_valinux.com
www.samba.org SAMBA Team jerry_at_samba.org
www.plainjoe.org jerry_at_plainjoe.org
--"I never saved anything for the swim back." Ethan Hawk in Gattaca--
More information about the samba-technical
mailing list