Samba Passwords >8 characters? (Samba 2.2 CVS, Solaris 7, Win 2K client)

Tim Gildersleeve t.gildersleeve at bilk.ac.uk
Mon Feb 26 08:55:40 GMT 2001 

Well, I do have user level security, but definately not encrypted passwords
= no.  I have always set this to yes.  Speaking just for myself, I cant see
no reason why someone would want to turn this off.  It doesnt matter what
other security you add to your system, if you have unencrypted text
passwords floating around your system you are asking for trouble.  Its a bit
like logging in remotely to a unix box with telnet.  Always use ssh.

Just my 2 pence worth :)

> -----Original Message-----
> From:	MCCALL,DON (HP-USA,ex1) [SMTP:don_mccall at hp.com]
> Sent:	Friday, February 23, 2001 7:53 PM
> To:	'Tim Gildersleeve'; 'Don S. Rogers'; samba-ntdom at us5.samba.org
> Subject:	RE: Samba Passwords >8 characters? (Samba 2.2 CVS, Solaris
> 7, Win 2K client)
> 
> Tim,
> If you are using userlevel security, and encrypt passwords = no,
> then your password length, etc is going to be governed by your 
> underlying UX os, as samba will be calling standard system routines
> to authenticate your users against the /etc/passwd or nis files...
> Otherwise, I don't know of a coded 8char limitation in Samba for 
> ENCRYPTED passwords that get hashed into the smbpasswd file.
> Don
> 
> -----Original Message-----
> From: Tim Gildersleeve [mailto:t.gildersleeve at bilk.ac.uk]
> Sent: Friday, February 23, 2001 4:10 AM
> To: 'Don S. Rogers'; samba-ntdom at us5.samba.org
> Subject: RE: Samba Passwords >8 characters? (Samba 2.2 CVS, Solaris 7,
> Win 2K client)
> 
> 
> Hmm
> 
> Ive seen a few people having this problem.  I am running Samba2.2-alpha2
> (CVS) updated on my system every couple of days actually.  I have Win2000
> Pro clients (and Win95).  Some passwords are 12 characters or more and I
> have no problem.  My guess that the problem is somewhere else.
> 
> Tim Gildersleeve
> tim at otcs-online.net
> 
> > -----Original Message-----
> > From:	Don S. Rogers [SMTP:Don_Rogers at brown.edu]
> > Sent:	Thursday, February 22, 2001 6:21 PM
> > To:	samba-ntdom at us5.samba.org
> > Subject:	Samba Passwords >8 characters? (Samba 2.2 CVS, Solaris 7,
> > Win2K client)
> > 
> > Howdy, Samba folks.
> > 
> > I am currently testing an installation of yesterday's CVS Samba 2.2 on a
> > Solaris 7 Sparc box to eventually replace our Samba 2.0.6/Linux setup.
> > Our test clients are Win2K Pro, base install. 
> > 
> > So far, all is fairly happy and healthy on PDC support and file serving.
> > Haven't tested print services yet. However, we are having a problem with
> > Samba passwords:
> > 
> > All works fine if the Samba password is 8 characters long or less. If
> > it's any longer, though, then Win 2K does not accept the login. If I try
> > to use the long password, it gives me this error:
> > 
> > 	The system cannot log you on due to the following error:
> > 	The stub received bad data.
> > 	Please try again...
> > 
> > If I manually truncate the password to only the first 8 characters, then
> > I can authenticate normally.
> > 
> > Further, when testing the Samba shares with smbclient, I find that it
> > only cares about the first 8 characters in the login password. If the
> > actual password I set with smbpasswd is 14 characters, for example, then
> > I can authenticate via smbclient using the first (valid) 8 characters of
> > the password plus any quantity of gibberish after.
> > 
> > We hope to retain passwords up to 14 characters for compatibility with
> > other campus network services.
> > 
> > Any ideas? I thought there might be a compile-time configuration option
> > that would help, but I can't determine which one. Also, I couldn't find
> > any related notes in the archives.
> > 
> > I should mention that Solaris on this box exhibits the same behavior --
> > only the first 8 characters in the Unix password matter for
> > authentication. Is this actually an OS issue that impacts Samba, or does
> > Samba have its own limitation? 
> > 
> > Thanks!
> > 
> > Don
> > 
> > -- 
> >  Don S. Rogers  .  Department Computing Coordinator
> >  Brown University  .  Sociology  .  Population Studies
> >  Social Science Research Lab  .  http://www.ssrl.brown.edu
> >  phone 401.863.2550  .  fax 401.863.3213

More information about the samba-ntdom mailing list