Query on PDC functionality

Beej bj at mcs.uts.edu.au
Wed Jan 20 08:37:05 GMT 1999


I've been playing with samba2.1 prealpha as a test PDC, and having
major difficulties with change password facility. I have the same
problem with the samba-2.0.0 release.

My first attempts at getting this to work were on 2 NT4SP3 machines,
both of which accused me of typing my old password incorrectly whenever
trying to change my password; this was after I logged in.

My next step was to apply NT4SP4 to the workstations, and afterwards
they no longer complained that I entered the old password incorrectly,
but stated:

"Unable to change the password on this account (C00000BE). Please
	consult your system administrator."

However, if I logged in via a LOCAL account (rather than a domain account),
and then went to change the password of a DOMAIN account, it returns
saying that the password has changed.

It seems that the process of changing a password differs depending on
whether the request came from an account from within the domain or not,
I'm unsure why this is the case.

Another oddity was that once the password was changed, the smbpasswd
entry for that domain account had a valid lm hash value, but "X"x32 for
the nt hash.

While trying to understand this 'feature', I notice in the logs:-

[1999/01/20 11:58:55, 5] rpc_server/srv_pipe.c:api_pipe_ntlmssp_verify(243)
  user:  domain:  wks:

This should have been "user: gibber domain: BJLAB wks: PRAWN".
These fields are cleared out in the function with lines similar to this:

fstrcpy(p->wks,   unistrn2((uint16*)p->ntlmssp_resp.wks,
			p->ntlmssp_resp.hdr_wks.str_str_len/2));

This is where it would copy the name of the workstation into p->wks from
a unicode representation.

Using a debugger, p->ntlmssp_resp.wks contains "P\0\R\0\A\0\W\0\N\0\0...".
(PRAWN with \0 between each character).

After throwing a DEBUG statement into the end of unistrn2, it looks like
unistrn2 ONLY returns empty strings,
i.e.

unistrn2(s,n) => "\0" n chars long (for all of (s))

I haven't tested the other unistr functions, but this looks like one of
those byte ordering problems.

For a 'fix' I tried
char *unistrn2(uint16 *buf, int len)
{
...
-		*p = *buf;
+		*p = *((char*)buf);
...
}
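
Review bot: on the `*p = *((char*)buf);` line, the cast keeps whichever byte sits at the lowest address of each 16-bit unit and discards the other without looking at it. That matches the "P\0R\0..." layout seen in the debugger, but it encodes the wire byte order in a pointer cast and silently turns any unit whose second byte is non-zero into an unrelated character. Consider assembling each unit from its two bytes explicitly, low byte first, and deciding what to do with units that do not fit in a char. The lines elided by `...` are not visible here, so check that the loop's terminator test and the char-to-unicode direction get the same byte-order handling.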

And similarly for every unicode to char* function in lib/util_unistr.c.

That didn't work either. The workstation claimed to lose the connection
to the PDC while logging in. And while trying to change a domain password
from a domain account, it would say I typed the password in wrong, but
if I tried to change a domain password from a workstation account, it
would successfully change it (but leave the nt hash field of that entry
X-'d out).

Any Clues? Hints? Suggestions? Comments?

The Samba PDC is running on Solaris2.6, on an Ultra 1.
Compiled with EGCS-1.1.1, CFLAGS=-mv8 -O6 -pipe (has same effect with -g)
and configure options:
./configure \
   --with-privatedir=/local/samba2/private \
   --prefix=/local/samba2 \
   --with-smbwrapper \
   --with-mmap


+-------------------------------+--------------------------------------+
|      Benjamin (Bj) Kuit       |  School of Computing Sciences        |
|      Systems Programmer       |  University of Technology, Sydney    |
|      Phone: 9514 1841         |  Email: bj at mcs.uts.edu.au            |
|      Mobile: 0412 182 972     |                                      |
+-------------------------------+--------------------------------------+
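
The byte-order effect described in the message above, as an added example that is not part of the original post and not Samba's code: it models a native 16-bit load followed by truncation to char for both host byte orders, next to an explicit little-endian decode. The function names and the sample buffer are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: "PRAWN" as UTF-16LE wire bytes, as in the debugger dump. */
const unsigned char WKS_WIRE[] = {'P',0,'R',0,'A',0,'W',0,'N',0,0,0};

/* Hypothetical model of `*p = *buf`: load each 16-bit unit the way a host of
 * the given byte order would, then keep only its low 8 bits. Returns units copied. */
size_t native_deref_copy(const unsigned char *wire, size_t nchars,
                         int host_big_endian, char *out, size_t outsz)
{
    size_t i = 0;
    if (outsz == 0) return 0;
    for (; i < nchars && i + 1 < outsz; i++) {
        uint16_t v = host_big_endian
            ? (uint16_t)((wire[2*i] << 8) | wire[2*i + 1])
            : (uint16_t)(wire[2*i] | (wire[2*i + 1] << 8));
        if (v == 0) break;              /* terminator unit */
        out[i] = (char)(v & 0xFF);      /* 'P' loads as 0x5000 on big-endian -> 0 */
    }
    out[i] = '\0';
    return i;
}

/* Byte-order-independent decode: build each unit from its two wire bytes,
 * low byte first. Non-ASCII units become '?' instead of being truncated. */
size_t utf16le_to_ascii(const unsigned char *wire, size_t nchars,
                        char *out, size_t outsz)
{
    size_t i = 0;
    if (outsz == 0) return 0;
    for (; i < nchars && i + 1 < outsz; i++) {
        unsigned v = wire[2*i] | ((unsigned)wire[2*i + 1] << 8);
        if (v == 0) break;
        out[i] = (v < 0x80) ? (char)v : '?';
    }
    out[i] = '\0';
    return i;
}

int main(void)
{
    char be[16], le[16], fixed[16];
    size_t n = native_deref_copy(WKS_WIRE, 5, 1, be, sizeof be);
    native_deref_copy(WKS_WIRE, 5, 0, le, sizeof le);
    utf16le_to_ascii(WKS_WIRE, 5, fixed, sizeof fixed);
    printf("big-endian host: %zu units copied, strlen=%zu\n", n, strlen(be));
    printf("little-endian host: \"%s\"\nexplicit decode: \"%s\"\n", le, fixed);
    return 0;
}
```

On the modelled big-endian host every unit is copied but each output byte is zero, which matches the "\0" n chars long result reported for unistrn2.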

