Kevin P. Fleming
kfleming at access-laserpress.com
Tue Apr 11 23:31:19 GMT 2000
The waiting period can be eliminated by adding "nodelay" to the first module
in the pam.d file for samba. This causes the pam_pwdb.so module to not
insert a random 1-3 second delay after each failed password attempt (which
is a anti-hacking measure).
As far as Samba trying multiple passwords, it's going to do that, that's how
it's designed to work. You will get these messages in your log and there's
not much you can about it unless you want to restrict your users' passwords
to a form that matches Samba's first attempt, which I believe is all
From: David Collier-Brown - Sun Canada
[mailto:davecb at scot.canada.sun.com]
Sent: Tuesday, April 11, 2000 4:18 PM
To: Multiple recipients of list SAMBA-TECHNICAL
Subject: Re: Problem persists
Cristian POP <cpop at compas.dntcj.ro>
| For every connection that is made to the server ( for a samba service )
| I get an error from the PAM_pwdb module, which is responsible for
| authentication. In addition there is a __annoying__ waiting period after
| that error occurs.
| I think the problem is between samba and pam : samba does not
| transmit the right user&password combination at first time the connection
| is made and that causes.
I wonder if Samba using pam tries UPPERCASE and lowercase
versionsnof the password: that used to be a necessary
step in authenticating (without pam) clients who think
they should single-case user's passwrods.
Have a look at the strings being passed to the pam module,
possibly via strace (?), it might be that simple...
David Collier-Brown in Boston
Phone: (781) 442-0734, Room BUR03-3632
More information about the samba-technical