REPOST : -Re: nt password changing now works.

Luke Kenneth Casson Leighton lkcl at switchboard.net
Thu Oct 22 19:11:03 GMT 1998 

check the log files.  if you have ever changed your password with the
"SMBtrans2" calls, this does _not_ update the NT 16 byte hash it only does
the LM one.  the nt password change will then _fail_ because there is no
NT password to decode the new password.

On Fri, 23 Oct 1998, Amol Karnik wrote:

> hi all,
> 
> am reposting this email from me, which i sent 2 days back. perhaps not
> everyone got it, since i got no responses to it.
> 
> - amol 
> 
> 
> Amol Karnik wrote:
> > 
> > umm i tried this after doing an update today morning, and it doesnt work
> > for me.
> > 
> > details :
> > 
> > cvs code : latest ( did a cvs update, cvs -t update)
> > did an rm -rf and a ./configure with no option other than --prefix and
> > did a make
> > 
> > samba is running on solaris2.5.1 with latest patches
> > samba is logon server, wins server.
> > profiles are roaming profiles stored on the samba server.
> > client is NT4.0 workstation with service pack 3
> > 
> > domain logon works perfect. profiles are downloaded perfectly. (there
> > are no local accounts)
> > i did a c-a-d and change passwd, but it returns saying "the user name or
> > old password is incorrect. letters in password must be typed using the
> > correct case. make sure that caps lock is not accidently on"
> > 
> > when i compiled i did notice the following warnings :
> > ===========================
> > Compiling smbd/chgpasswd.c
> > "smbd/chgpasswd.c", line 638: warning: argument #1 is incompatible with
> > prototype:
> >         prototype: pointer to char : "include/proto.h", line 511
> >         argument : pointer to uchar
> > Compiling smbd/connection.c
> > Compiling smbd/dfree.c
> > Compiling smbd/dir.c
> > Compiling smbd/password.c
> > Compiling smbd/conn.c
> > Compiling smbd/fileio.c
> > Compiling smbd/ipc.c
> > "smbd/ipc.c", line 1735: warning: argument #3 is incompatible with
> > prototype:
> >         prototype: pointer to uchar : "include/proto.h", line 2024
> >         argument : pointer to char
> > Compiling smbd/mangle.c
> > ....
> > ...
> > Compiling smbd/open.c
> > "smbd/open.c", line 578: warning: integer overflow detected: op "<<"
> > ..
> > ..
> > Compiling rpc_parse/parse_samr.c
> > "rpc_parse/parse_samr.c", line 2737: warning: syntax error:  empty
> > declaration
> > ....
> > ....
> > Compiling lib/util.c
> > "lib/util.c", line 4392: warning: integer overflow detected: op "<<"
> > "lib/util.c", line 4405: warning: integer overflow detected: op "<<"
> > ..
> > ..
> > Compiling lib/util.c with -Kpic
> > "lib/util.c", line 4392: warning: integer overflow detected: op "<<"
> > "lib/util.c", line 4405: warning: integer overflow detected: op "<<"
> > 
> > ==========================
> > 
> > a relevant part of the log.machine$ file with a debug level of 10 is
> > shown below
> > 
> > =====================
> > [1998/10/21 11:08:25, 5] passdb/smbpass.c:(252)
> >   getsmbfilepwent: returning passwd entry for user amol, uid 227
> > [1998/10/21 11:08:25, 10] passdb/passdb.c:(146)
> >   found by name: amol
> > [1998/10/21 11:08:25, 7] passdb/smbpass.c:(81)
> >   endsmbfilepwent: closed password file.
> > [1998/10/21 11:08:25, 0] smbd/chgpasswd.c:(680)
> >   check_oem_password: incorrect password length (-663635885).
> > [1998/10/21 11:08:25, 5] rpc_parse/parse_samr.c:(2776)
> >   make_r_chgpasswd_user
> > [1998/10/21 11:08:25, 5] rpc_parse/parse_prs.c:(36)
> >   000000 samr_io_r_chgpasswd_user
> > [1998/10/21 11:08:25, 5] rpc_parse/parse_prs.c:(139)
> >       2ca6f8 status: c000006a
> > [1998/10/21 11:08:25, 5] rpc_server/srv_samr.c:(750)
> >   samr_chgpasswd_user: 750
> > [1998/10/21 11:08:25, 10] rpc_server/srv_util.c:(755)
> >   called api_samr_rpc
> > [1998/10/21 11:08:25, 5] rpc_server/srv_util.c:(175)
> >   create_rpc_reply: data_start: 0 data_end: 4 max_tsize: 5680
> > [1998/10/21 11:08:25, 5] rpc_parse/parse_prs.c:(36)
> >   000000 smb_io_rpc_hdr hdr
> > [1998/10/21 11:08:25, 5] rpc_parse/parse_prs.c:(111)
> >       272a10 major     : 05
> > [1998/10/21 11:08:25, 5] rpc_parse/parse_prs.c:(111)
> > [1998/10/21 11:08:35, 5] smbd/uid.c:(343)
> >   unbecome_user now uid=(0,0) gid=(0,0)
> > [1998/10/21 11:09:25, 6] param/loadparm.c:(1743)
> >   lp_file_list_changed()
> >   file /usr/local/samba/lib/smb.conf -> /usr/local/samba/lib/smb.conf
> > last mod_time: Tue Oct 20 15:22:06 1998
> > =========================================
> > 
> > btw, you guys are doing a great job. keep it up folks. your work does
> > not go unappreciated.
> > 
> > regards,
> > 
> > amol
> > 
> > Luke Kenneth Casson Leighton wrote:
> > >
> > > ok.
> > >
> > > i got encrypted rpcs in smbd working, tested with "small", i.e only one
> > > dce/rpc fragment.  i've yet to see an encrypted rpc large enough to fit
> > > into more than one dce/rpc fragment.  although, i could set the fragment
> > > size to something bizarre and small.... hm.
> > >
> > > ok.  testing against a workstation logged in to a samba domain...
> > > ctrl-alt-del | change password... password change works!  oh yeah!
> > >
> > > i tried testing earlier by typing in the domain name, i got a UDP SAMLOGON
> > > query which i had to fix by always putting the unicode data at the end of
> > > the response, but to no avail.  it forces an SMBtrans2 password change
> > > _not_ a \PIPE\samr one.  wierd.  there must be something else in there.
> > >
> > > so, to recap, in one sentence: password changing for nt workstations that
> > > are a member of a samba domain now works.
> > >
> > > luke
> 

<a href="mailto:lkcl at samba.anu.edu.au" > Luke Kenneth Casson Leighton  </a>
<a href="http://mailhost.cb1.com/~lkcl"> Samba and Network Development </a>
<a href="http://www.samba.co.uk"       > Samba and Network Consultancy </a>

More information about the samba-ntdom mailing list