Authentication question

Christopher R. Hertel crh at
Fri Nov 8 21:55:01 GMT 2002

Make sure that the W2K client is configured to allow plaintext passwords.
It is common for Windows clients to disallow plaintext passwords to
prevent downgrade attacks that could otherwise cause them to reveal the
password to a cracked server.

Chris -)-----

On Fri, Nov 08, 2002 at 03:54:13PM -0500, Kris Van Hees wrote:
> Working with CVS HEAD, when I set encrypt password = no, and I configured
> --with-pam, a client connection from a Win2000 machine is failing the unix
> password authentication check, because the password is apparently an empty
> string (1 byte long, the '\0' byte).  But the user most definitely entered
> a password (and the log also shows that that there is an 'lm' password sent
> (length properly set as 24 bytes) (reply to a random challenge).
> Is this supposed to work yet on the CVS HEAD version (since it did work on
> 2.x), or is this still being worked on?
> 	Kris
> -- 
> Never underestimate a Mage with:
>  - the Intelligence to cast Magic Missile,
>  - the Constitution to survive the first hit, and
>  - the Dexterity to run fast enough to avoid being hit a second time.

Samba Team --     -)-----   Christopher R. Hertel
jCIFS Team --   -)-----   ubiqx development, uninq.
ubiqx Team --     -)-----   crh at
OnLineBook --    -)-----   crh at

More information about the samba-technical mailing list