SECURITY VULNERABILITY!
Gerald Carter
gcarter at valinux.com
Thu Aug 24 13:26:11 GMT 2000
Seth Vidal wrote:
>
> the nt-linux server uses encrypted passwords
> the puck server uses unencrypted passwords (for older systems)
>
> I have update encrypted set to yes in the smb.conf of
> puck (the system w/ unecrypted passwords) and I'm
> pointing both smb.conf's to the same smbpasswd file.
>
> I have null passwords = false in both smb.conf's.
>
> I have set quite a few users to have null passwords
> (in the smbpasswd file (via smbpasswd -n username)) so
> that the unencrypted password server will be able
> to update their passwords.
>
> So I figured setting null passwords = false would
> deny people attempting to connect w/no password access
> to the encrypted password server.
>
> The problem is that this is not happening.
Seth,
Could you send me your smb.conf? Thanks.
jerry
----------------------------------------------------------------------
/\ Gerald (Jerry) Carter Professional Services
\/ http://www.valinux.com VA Linux Systems gcarter at valinux.com
http://www.samba.org SAMBA Team jerry at samba.org
http://www.eng.auburn.edu/~cartegw
"...a hundred billion castaways looking for a home."
- Sting "Message in a Bottle" ( 1979 )
More information about the samba-ntdom
mailing list