rpcclient & smbpasswd to test samba

GV gv_kovai at yahoo.com
Wed Jul 17 19:51:04 GMT 2002


Hi there,

I am new to this list and enter with a couple of
questions.

This is my first one.
Version: 2.2.3a

I want to enhance rpcclient code to view user details
at level 18 (SAM_USER_INFO_12). Server checks whether
the user who is asking for info is logged in as root and
through ntlmssp. I started looking at the possibilities to use
ntlm authentication by rpcclient. I made a quick hack
in the code. This may look ugly but I wanted to make
it quickly [I would appreciate it if I get a quick elegant
solution].

The following is the inserted code in
rpcclient/cmd_samr.c:cmd_samr_query_user 

--------
        slprintf (server, sizeof(fstring)-1, "\\\\%s", cli->desthost);
        strupper (server);
        /* Set NTLM flags */
        cli_nt_set_ntlmssp_flgs(cli,
                        NTLMSSP_NEGOTIATE_UNICODE |
                        NTLMSSP_NEGOTIATE_OEM |
                        NTLMSSP_NEGOTIATE_SIGN |
                        NTLMSSP_NEGOTIATE_SEAL |
                        NTLMSSP_NEGOTIATE_LM_KEY |
                        NTLMSSP_NEGOTIATE_NTLM |
                        NTLMSSP_NEGOTIATE_ALWAYS_SIGN |
                        NTLMSSP_NEGOTIATE_00001000 |
                        NTLMSSP_NEGOTIATE_00002000);
        /* Open SAMR Session. Negotiate credentials */
        cli->nt_pipe_fnum = 0; /* To make the following function happy */
        cli_nt_session_open(cli, PIPE_SAMR);
        result = cli_samr_connect(cli, mem_ctx,
                        MAXIMUM_ALLOWED_ACCESS,
                        &connect_pol);
---------

This is what I got in the server.

-----------
[2002/07/17 18:06:05, 5] rpc_parse/parse_prs.c:(500)
      0022 stub_type_len: 08
[2002/07/17 18:06:05, 5] rpc_parse/parse_prs.c:(500)
      0023 padding      : 00
[2002/07/17 18:06:05, 5] rpc_parse/parse_prs.c:(558)
      0024 unknown      : 00000001
[2002/07/17 18:06:05, 5] rpc_server/srv_pipe.c:(1073)
  api_pipe_auth_process: auth 44
[2002/07/17 18:06:05, 5] rpc_parse/parse_prs.c:(60)
  000028 smb_io_rpc_auth_ntlmssp_chk auth_sign
[2002/07/17 18:06:05, 5] rpc_parse/parse_prs.c:(558)
      0028 ver     : 00000001
[2002/07/17 18:06:05, 5] rpc_parse/parse_prs.c:(558)
      002c reserved: 00000000
[2002/07/17 18:06:05, 5] rpc_parse/parse_prs.c:(558)
      0030 crc32   : 3c63076f
[2002/07/17 18:06:05, 0] rpc_parse/parse_prs.c:(452)
  prs_mem_get: reading data of size 4 would overrun buffer.
[2002/07/17 18:06:05, 0] rpc_server/srv_pipe.c:(1087)
  api_pipe_auth_process: failed to unmarshall RPC_AUTH_NTLMSSP_CHK.
[2002/07/17 18:06:05, 0] rpc_server/srv_pipe_hnd.c:(482)
  process_request_pdu: failed to do auth processing.
[2002/07/17 18:06:05, 10] rpc_server/srv_pipe_hnd.c:(283)
  set_incoming_fault: Setting fault state on pipe samr : pnum = 0x752d
[2002/07/17 18:06:05, 3] rpc_server/srv_pipe_hnd.c:(646)
  process_complete_pdu: DCE/RPC fault sent on pipe lsass
[2002/07/17 18:06:05, 10] rpc_server/srv_pipe_hnd.c:(283)
  set_incoming_fault: Setting fault state on pipe samr : pnum = 0x752d
-------

Any ideas? or any suggestions? Please ask me, if
information is not enough. I will give you more.

2. Does "smbpasswd -r remotemachine -U remoteuser"
work properly?

Here is my error.
machine remotemachine rejected the password change:
Error was : RAP86: The specified password is invalid.
Failed to modify password entry for user remoteuser.

Here is server log.
<snip>
[2002/07/17 19:29:58, 3] smbd/sec_ctx.c:(420)
  pop_sec_ctx (101, 101) - sec_ctx_stack_ndx = 0
[2002/07/17 19:29:58, 0] smbd/chgpasswd.c:(817)
  check_oem_password: incorrect password length (-730175364).
[2002/07/17 19:29:58, 5] smbd/ipc.c:(62)
  copy_trans_params_and_data: params[0..2] data[0..0]
<snip>

If I asked redundant questions, kindly give me a
pointer.

Thanks a lot,
GV
visolve.com
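
The first server log above shows ver, reserved and crc32 being read at offsets 0028, 002c and 0030, then a 4-byte read refused while unmarshalling RPC_AUTH_NTLMSSP_CHK. The following bounds-checked reader is an added illustration of that pattern, not part of the original post and not Samba's code; the fourth field name seq_num, the little-endian encoding and the sample bytes are assumptions of the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* ver, reserved and crc32 are the fields named in the server log;
 * seq_num as a fourth 32-bit field is an assumption of this example. */
struct ntlmssp_chk { uint32_t ver, reserved, crc32, seq_num; };

/* Constructed sample: the three logged values plus a zero seq_num,
 * encoded little-endian (assumed byte order). */
static const uint8_t SAMPLE_CHK[16] = {
    0x01, 0x00, 0x00, 0x00,   /* ver      = 00000001 */
    0x00, 0x00, 0x00, 0x00,   /* reserved = 00000000 */
    0x6f, 0x07, 0x63, 0x3c,   /* crc32    = 3c63076f */
    0x00, 0x00, 0x00, 0x00    /* seq_num  (constructed) */
};

/* Read one little-endian uint32 at *off, refusing to step past len. */
static int read_u32(const uint8_t *buf, size_t len, size_t *off, uint32_t *out)
{
    if (*off > len || len - *off < 4)
        return -1;            /* reading 4 bytes would overrun the buffer */
    *out = (uint32_t)buf[*off] | (uint32_t)buf[*off + 1] << 8 |
           (uint32_t)buf[*off + 2] << 16 | (uint32_t)buf[*off + 3] << 24;
    *off += 4;
    return 0;
}

/* Returns how many of the four fields were unmarshalled; 4 means complete. */
int parse_chk(const uint8_t *buf, size_t len, struct ntlmssp_chk *c)
{
    uint32_t *fields[4] = { &c->ver, &c->reserved, &c->crc32, &c->seq_num };
    size_t off = 0;
    int n;

    for (n = 0; n < 4; n++)
        if (read_u32(buf, len, &off, fields[n]) != 0)
            break;
    return n;
}

int main(void)
{
    struct ntlmssp_chk c = { 0, 0, 0, 0 };
    int n = parse_chk(SAMPLE_CHK, 12, &c);   /* only 12 bytes available */
    printf("12 bytes -> %d fields, crc32=%08x\n", n, (unsigned)c.crc32);
    printf("16 bytes -> %d fields\n", parse_chk(SAMPLE_CHK, 16, &c));
    return 0;
}
```

With only 12 bytes available the reader stops after crc32, matching the point at which the log reports the overrun.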
