Session setup from 95 appears misaligned
abakun at reac.com
Thu Sep 23 14:19:52 GMT 1999
Doug VanLeuven wrote:
> I successfully logon with 95 roaming profiles. Have been using
> it for years now. Recently tried including services with
> include = /usr/local/samba/lib/smb.services.%U
> Open Network Neighborhood
> Open my samba server
> I have the home share for doug (me)
> but I don't get the services that were included with "smb.services.%U"
> because the connection is as guest. If I wait a few
> minutes & refresh the window, then I get them.
Hello, Doug. This is a known bug in MS clients. The only known work around is to enable
'restrict anonymous' (, but which is only reliable on NT workstations because of the alignment
problem you describe next. I suggest you give it a try and see if it works for you, sometimes
it does work for windows 95 clients.
> the line:
> [1999/09/22 23:27:43, 3] smbd/reply.c:reply_sesssetup_and_X(721)
> Domain= NativeOS=[LDXNET] NativeLanMan=[Windows 4.0]
> looks weird because my domain is LDXNET and my native OS is win95
> and the following line
> [1999/09/22 23:27:43, 3] smbd/reply.c:reply_sesssetup_and_X(725)
> I would think should be my name (only it isn't)
> Can someone help me figure if this is an alignment problem with
> the data from 95 or samba's interpretation?
> If directed, I'm willing to set up whatever traces are required.
I first noticed this, and there are comments to that effect in the code, when I was writing
'restrict anonymous'. I posted a few questions, but it didn't generate enough interest.
As far as I can make out, windows 95 is sending different password lengths or is padding the
password different than windows NT does. This puts samba off by one string (with a length of
zero) when it tries to extract the passwords, and then is off by one string when it tries to
extract the domain, nativeos and nativelanman strings. The nativelanman string is being sent by
win95, it's just not read by samba. I don't think this is a problem with samba, but rather a
bug in win95. In order to make 'restrict anonymous' more reliable, I tried to compensate for it
and modify the passlen variables if win95 is detected as the remote arch, but that was just
a kludge anyway. The function in question is smbd/reply.c:reply_sesssetup_and_X. Here are some
references, see the first one for a more in-depth exploration of this problem.
thwartedefforts at wonky.org
More information about the samba-technical