[Samba] Please help me decipher a two-packet NetBT conversation...
Andrew Bartlett
abartlet at samba.org
Fri Jan 21 06:51:02 GMT 2005
On Thu, 2005-01-20 at 10:33 -0600, David Black wrote:
> My clients are Windows XP SP1 and SP2, members of a Samba-PDC NT domain
> (tested 3.0.7 and 3.0.10, same result). Attached is ethereal output
> of a two packet client-server exchange that takes place when an offline
> files sync is done. SP1 quickly does this exchange twice - first
> broadcast, then unicast (as attached) and goes on its way. SP2 tries,
> pauses many seconds, tries again, finally giving up and completing the sync.
>
> Basically the client is attempting a SAM logon request with an empty
> user name. Samba responds with user unknown.
Before you spend too much time barking up the wrong tree, my
understating is that the username in this UDP SamLogon request is not
honoured by any modern operating system, and user-unknown is the correct
reply. Giving out this information would confirm/deny a given username
without authentication, which is considered a bad thing. Samba has
always left it up to the logon process to actually decide this.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20050121/a7c506fe/attachment.bin
More information about the samba
mailing list