Samba 2.2.pre3 vs. 1.9.18 with unknown users

Andrew Bartlett abartlet at pcug.org.au
Thu Jan 10 00:59:33 GMT 2002


"Ph. Marek" wrote:
> 
> Hi everybody!
> 
> I'm having problems again - but at least they are changing :-)
> 
> Using NT4SP5 as client and using a self-written program which does
>         WNet( ...,NULL,NULL,...)
> for Username and Password (trying maybe already established logon
> credentials) and, if that fails for any reason, doing
>         WNet( ...,user,name,...)
> WHERE user IS NOT EQUAL TO THE LOGGED-ON USER.
> 
> With Samba 1.9.18 (or something in that direction ;-) that worked as designed.
> 
> BUT.
> With Samba 2.2pre3 (current CVS snapshot) samba sends a
> STATUS_LOGON_FAILURE (looked into the packet sniffed off the network).
> 1.9.18 sent a "bad password".

Yep, in the time since Samba 2.2.2 jra added NT_STATUS support to the
2.2 branch.  They have been enabled in HEAD for a bit longer, and the
new auth subsystem uses them in particular.

> This seems to lead NT to the conclusion that the user could have been ok,
> and resends the "old" username (which wasn't specified and was so taken as
> the currently logged on user) instead of the given one - which doesn't
> work, of course.

This is interesting, becouse I thought I had mimiced the NT behavoiur. 
I'm intrested in why these doesn't work....  In particualr, are these
funciton calls current, or backward compatible versions?  

> So there are some solutions:
> - Changing my program.
>   I'm not sure how to change it, though - I'm using a documented behaviour.
>   And if I'm just eliminating the WNet(...,NULL,NULL,...) case I may get
>   problems if the user is already logged on with another user/password pair.
> - Changing samba to return the "old" failure codes. That is, "bad password"
>   irrespective if the user and/or the password is wrong.
>   That's unclean, too.
> 
> So please give me advice what I can do to avoid this (in my opinion an NT-)
> bug.

Can you please try the current HEAD CVS?  In particular can you please
confirm if the behaviour is different to NT/Win2k/XP?

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net




More information about the samba-technical mailing list