This is broken (and insecure) behaviour.

Bob Lansley bob.lansley at analog.com
Thu Apr 20 10:29:01 GMT 2000 

We are seeing erratic behaviour from Samba for connecting Unix
drives to an NT terminal Server.

Samba version 2.0.6
Solaris 2.6
NT Server 4.0 Terminal Server Edition with service pack 4
running WinCenter NIS Logon Utility.

The NT server is not part of a domain and uses the WinCenter Logon
Utility to authenticate username and passwords from my Unix NIS
server.

Samba is set up for server level security with the password server
set to the NT terminal server.

This will work fine for a while and allow terminal server session users
to connect to their UNIX drives. For whatever reason Samba will then
refuse to play ball anymore and suggests that supplied passwords are
incorrect (even though they are not).

The only way to cure this seems to be to restart Samba.

Has anyone else seen similar behaviour and know of a workaround or
fix ?

I have attached relevant messages from the log file.

Cheers,

Bob.



[2000/04/20 08:54:27, 1] smbd/password.c:(1105)
  password server ACEWTS1 rejected the password
[2000/04/20 08:54:27, 0] passdb/smbpass.c:(50)
  startsmbfilepwent: unable to open file /usr/local/samba/private/smbpasswd
[2000/04/20 08:54:27, 0] passdb/passdb.c:(149)
  unable to open smb password database.
[2000/04/20 08:54:27, 1] smbd/password.c:(505)
  Couldn't find user 'lansley' in smb_passwd file.
[2000/04/20 08:54:27, 0] passdb/smbpass.c:(50)
  startsmbfilepwent: unable to open file /usr/local/samba/private/smbpasswd
[2000/04/20 08:54:27, 0] passdb/passdb.c:(149)
  unable to open smb password database.
[2000/04/20 08:54:27, 1] smbd/password.c:(505)
  Couldn't find user 'lansley' in smb_passwd file.
[2000/04/20 08:54:27, 1] smbd/reply.c:(909)
  Rejecting user 'lansley': authentication failed
[2000/04/20 08:54:37, 0] smbd/password.c:(1070)
  server_validate: password server ACEWTS1 allows users as non-guest with a bad password.
[2000/04/20 08:54:37, 0] smbd/password.c:(1072)
  server_validate: This is broken (and insecure) behaviour. Please do not use this machine as the password server.
[2000/04/20 08:54:37, 0] passdb/smbpass.c:(50)
  startsmbfilepwent: unable to open file /usr/local/samba/private/smbpasswd
[2000/04/20 08:54:37, 0] passdb/passdb.c:(149)
  unable to open smb password database.
[2000/04/20 08:54:37, 1] smbd/password.c:(505)
  Couldn't find user 'lansley' in smb_passwd file.
[2000/04/20 08:54:37, 0] passdb/smbpass.c:(50)
  startsmbfilepwent: unable to open file /usr/local/samba/private/smbpasswd
[2000/04/20 08:54:37, 0] passdb/passdb.c:(149)
  unable to open smb password database.
[2000/04/20 08:54:37, 1] smbd/password.c:(505)
  Couldn't find user 'lansley' in smb_passwd file.
[2000/04/20 08:54:37, 1] smbd/reply.c:(909)
  Rejecting user 'lansley': authentication failed

More information about the samba mailing list