Samba PDC Login Problems (Located)

Simon Levitt Simon.Levitt at
Wed Oct 14 13:44:17 GMT 1998


We're tracking the CVS development of Samba, and have hit the Domain 
login failures on versions for about a week now (We're using Samba as 
our PDC).

Today I decided to investigate the problem further and have found some 
things which may not be the whole problem, but are definately a 
significant factor. The problem is only with Interactive Logins - 
Normal share mounts are fine.

The problem I've found is rooted around the change in libsmb/smbdes.c 
from revision 1.16 to 1.17 when the length of the Hash produced when 
val == False reduced from 16 to 8 in SamOEMHash().

SamOEMHash() is used in rpc_server/srv_netlog.c:net_login_interactive() 
which assumes it is producing 16 byte values (as the function used to 
when passed False) and comparing the hash with the stored one (in 
whatever form!). This is now failing (although the first 8 bytes are 
matching) and thus returning STATUS_WRONG_PASSWORD the login.



BTW. I'm I just reading SamOEMHash() completely wrong or do the last 
two for loops have the potential to completely blow the bounds of 
       Simon Levitt, Consultant/Software Engineer @ WorldPay Ltd.,
       Orwell House,  Cowley Road,  Cambridge,  CB4 4WY,  ENGLAND.  
Simon.Levitt at  Ph:+44(0)1223 715151  F:+44(0)1223 715157
----------------------- ----------------------

More information about the samba-ntdom mailing list