Bug or (mis)feature

[Dejan Ilic]

I recently tracked down a mysterious proble I have seen in ny domain
(NT4SP4 with Samba server)

Scenario is like this:
User has a password with mixed uppercase and lowercase. NT4-machines
are in domain with Samba 2.0.3 server and running on mandatory
profile. The same problem probably happens with roving profiles too.
LMFix applied on all machines.

Problem:
Problem happends when user log into the domain with ALL lowercase
password.

Reason:
NT4SP4 checks with Samba, and as Samba checks agains all-lowercase
passwords in second try (see "password level" in smb.conf), the user
can log in on the machine.

Here the problems start.
User is now loged into the NT4, but when NT tries to check the profile
information, server refuses because it feel that the password is
incorrect. Thus prfile informatin cannot be downloaded with the error
"operating system was unable to create profile directory
\\server\profiles.pds. You will be logged with a local profile only"

Thus mandatory profile fails, and so does mounting of homedisk.

----
I checked with a friend who has a domain with "pure" NT4 wks and NT4
server. First of all, it doesn't let you log in with all lowercase
passwords, and thus you dont have problems with password-missmatch in
later stage.

Second, if "password level = 0" is needed, the I want a way of
disabling the test with all lowercase, effectivly sacrifising
compatibility for security.


Has anybody else had this problem or is able to reproduce the problem
?

Dejan