Changing password from WinNT

Maurice AGAVNIAN agavnian at cegelec-red.fr
Tue Dec 8 19:06:41 GMT 1998


Configuration: Solaris 2.5.1 with a samba cvs (04 dec 98).

My smb.conf file:
...
encrypt passwords = Yes
passwd program = /bin/passwd %u
passwd chat = *login*password* %o\n *New*password* %n\n *new*password* %n\n *changed*
unix password sync = Yes
...


Hello,

I finally succeeded in changing a user password from a WinNT4 workstation on
both the smbpasswd file and the passwd NIS map. From my samba box, the smbpasswd
command (in user mode) also changes these 2 files. But to do this, I
need 2 hacks in smbd/chgpasswd.c.

 1/ The first change was suggested by Bernie Kirby in the samba-ntdom
mailing list:

+ It would seem to be byte order problem 
+ maybe unique to Solaris2.x In any case, the 'new' password ends 
+ up being null at approx line 700+ in chpasswd.c, where it calls 
+
+                 char *pw; 
+                 new_pw_len /= 2; 
+                 pw = unistrn2((uint16*)(&lmdata[512-uni_pw_len]),
new_pw_len); 
+ 
+         pw is always a null string. 
+ 
+                 As an experiment, I replaced this call with: 
+ 
+                 { 
+                         char buf[100]; 
+                         int i; 
+                         memset(buf, 0, sizeof(buf)); 
+                         for (i = 0; i < new_pw_len*2 && i < 100; i +=
2)  
+                                 buf[i/2] = (char)lmdata[512-uni_pw_len
+ i]; 
+ 
+                         memcpy(new_passwd, buf, new_pw_len+1); 
+ 
+                         DEBUG(0, ("new passwd = '%s'\n", new_passwd)); 
+                 }
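
Review bot: the DEBUG(0, ...) line at the end of the replacement block writes the cleartext new password to the log; drop it or log only the length. In the same block, memcpy(new_passwd, buf, new_pw_len+1) reads past the 100-byte buf whenever new_pw_len is 100 or more, because only the loop is capped at 100 and the copy length is not; check new_pw_len against sizeof(buf) (and against the size of new_passwd) before copying. The (char) cast also keeps a single byte of each two-byte unit, so any character that does not fit in one byte is silently altered.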

Here, the unicode conversion is not correct because of a byte order problem.
My question: is there a problem with unistrn2() on Solaris?

 
 2/ Then I had to comment out 4 return(False) statements near line 320 in the
same file.
 
+    /* we now have a pty */
+   if (pid > 0){			/* This is the parent process */
+     if ((chstat = talktochild(master, chatsequence)) == False) {
+       DEBUG(3,("Child failed to change password: %s\n",name));
+       kill(pid, SIGKILL); /* be sure to end this process */
+     }
+ 
+     if ((wpid = sys_waitpid(pid, &wstat, 0)) < 0) {
+       DEBUG(3,("The process is no longer waiting!\n\n"));
+       /*close(master);
+       return(False);*/
+     }
+ 
+     close(master);
+ 
+     if (pid != wpid) {
+       DEBUG(3,("We were waiting for the wrong process ID\n"));	
+       /*return(False);*/
+     }
+     if (WIFEXITED(wstat) == 0) {
+       DEBUG(3,("The process exited while we were waiting\n"));
+       /*return(False);*/
+     }
+     if (WEXITSTATUS(wstat) != 0) {
+       DEBUG(3,("The status of the process exiting was %d\n", wstat));
+       /*return(False);*/
+     }
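
Review bot: with all four return(False) statements commented out, none of these checks can fail the call any more, so a non-zero exit status from the passwd child (the WEXITSTATUS check) is logged and then ignored, and the outcome rests on talktochild() alone. When sys_waitpid() returns a negative value, wstat was never filled in, yet WIFEXITED(wstat) and WEXITSTATUS(wstat) are still evaluated on it. Rather than disabling the checks, log errno for the failed sys_waitpid() call to find out why it fails, and keep the exit-status check as a hard failure. The last DEBUG also prints wstat where WEXITSTATUS(wstat) is meant.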

The password chat with the child is good: talktochild() returns ok. But,
I don't know why, the waitpid() call returns -1. Does anyone have any idea?

Maurice.

 
Oh! Another wonderful thing: with the NISkit1.2 patch for Solaris, on
the NIS master, root can change a user password without knowing the old
one.
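
The byte-order issue raised in point 1/, as an added example that is not part of the original message and is not Samba code: a decoder that combines the two bytes of each UCS-2LE unit explicitly, so it gives the same result on little-endian and big-endian (SPARC) hosts, and that checks lengths before copying. The function names, the 512-byte field size taken from the `lmdata[512-...]` expression, and the choice to reject non-ASCII characters are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define PW_BUF_LEN 512  /* assumed field size, from lmdata[512 - len] above */

/*
 * Hypothetical helper (not a Samba function): decode the UCS-2LE password
 * stored at the end of a PW_BUF_LEN-byte buffer into a NUL-terminated
 * single-byte string. Returns the character count, or -1 on invalid input.
 */
int decode_ucs2le_password(const unsigned char *data, size_t uni_len,
                           char *out, size_t out_size)
{
    size_t nchars, i;
    const unsigned char *p;

    if (uni_len == 0 || uni_len > PW_BUF_LEN || (uni_len % 2) != 0)
        return -1;                      /* length must be even and fit */
    nchars = uni_len / 2;
    if (out_size == 0 || nchars >= out_size)
        return -1;                      /* no room for chars plus NUL */

    p = data + (PW_BUF_LEN - uni_len);
    for (i = 0; i < nchars; i++) {
        /* low byte first, independent of the host's byte order */
        uint16_t c = (uint16_t)(p[2 * i] | (p[2 * i + 1] << 8));
        if (c == 0 || c > 0x7F) {       /* reject instead of truncating */
            memset(out, 0, out_size);   /* leave no partial password */
            return -1;
        }
        out[i] = (char)c;
    }
    out[nchars] = '\0';
    return (int)nchars;
}

/* Constructed sample: "Pw1" as UCS-2LE at the end of a zeroed buffer. */
int demo_decode(char *out, size_t out_size)
{
    unsigned char buf[PW_BUF_LEN] = {0};
    const unsigned char pw[] = { 'P', 0, 'w', 0, '1', 0 };
    memcpy(buf + PW_BUF_LEN - sizeof(pw), pw, sizeof(pw));
    return decode_ucs2le_password(buf, sizeof(pw), out, out_size);
}
```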

