Authenticating WinXP with Samba 3.0 CVS (plaintext) problem

Christopher R. Hertel crh at
Wed Feb 26 19:39:26 GMT 2003

On Wed, Feb 26, 2003 at 12:59:58PM -0500, Kris Van Hees wrote:
> I have a WinXP box that has plaintext password enabled.  I have a Samba 3.0
> CVS server that also does not use encrypted passwords (uses PAM).  I cannot
> connect to shares from the WinXP box because apparantly the non-encrypted
> password is sent as the NT password, and nothing as the LM password.  

You mean that XP sends the plaintext password in the Unicode Password 
field?  That's sick.  Does it send it as ASCII or Unicode.

> The protocol that was negotiated was NT LM 0.12.

That would be correct.

> From the code, it seems that the Samba server believes that plaintext
> passwords should only be sent for the protocols < PROTOCOL_NT1 (anything
> other than NT LM 0.12 or NT LANMAN 1.0).

No, Samba can handle plaintext just fine in the NT LM 0.12 dialect.  It's 
just that Samba needs to know where to *find* the password.  Plaintext 
passwords are always sent in the first password field (ASCII Password, or 
CaseInsensitivePassword, depending on which documentation you read).

> Has anyone else seen this?  Am I missing something here?  Getting WinXP to
> work with plaintext passwords is rather important for my setup.

No, but I don't have an XP system available.  I'd be interested in seeing 
the SessionSetupAndX from an Ethereal trace.

Chris -)-----

> -- 
> Never underestimate a Mage with:
>  - the Intelligence to cast Magic Missile,
>  - the Constitution to survive the first hit, and
>  - the Dexterity to run fast enough to avoid being hit a second time.

I've got a fourth-level wombat teaser that's +4 on musk.

Samba Team --     -)-----   Christopher R. Hertel
jCIFS Team --   -)-----   ubiqx development, uninq.
ubiqx Team --     -)-----   crh at
OnLineBook --    -)-----   crh at

More information about the samba-technical mailing list