Authenticating WinXP with Samba 3.0 CVS (plaintext) problem
Kris Van Hees
aedil at alchar.org
Wed Feb 26 19:54:00 GMT 2003
On Wed, Feb 26, 2003 at 01:39:26PM -0600, Christopher R. Hertel wrote:
> On Wed, Feb 26, 2003 at 12:59:58PM -0500, Kris Van Hees wrote:
> > I have a WinXP box that has plaintext password enabled. I have a Samba 3.0
> > CVS server that also does not use encrypted passwords (uses PAM). I cannot
> > connect to shares from the WinXP box because apparantly the non-encrypted
> > password is sent as the NT password, and nothing as the LM password.
>
> You mean that XP sends the plaintext password in the Unicode Password
> field? That's sick. Does it send it as ASCII or Unicode.
That is correct, and it is in Unicode indeed (2 bytes per character).
> > The protocol that was negotiated was NT LM 0.12.
>
> That would be correct.
>
> > From the code, it seems that the Samba server believes that plaintext
> > passwords should only be sent for the protocols < PROTOCOL_NT1 (anything
> > other than NT LM 0.12 or NT LANMAN 1.0).
>
> No, Samba can handle plaintext just fine in the NT LM 0.12 dialect. It's
> just that Samba needs to know where to *find* the password. Plaintext
> passwords are always sent in the first password field (ASCII Password, or
> CaseInsensitivePassword, depending on which documentation you read).
Yup, and WinXP I guess is not playing nice in that sense.
> > Has anyone else seen this? Am I missing something here? Getting WinXP to
> > work with plaintext passwords is rather important for my setup.
>
> No, but I don't have an XP system available. I'd be interested in seeing
> the SessionSetupAndX from an Ethereal trace.
Would a tcpdump of the dialogue also be acceptable? :) I can of course also
send the samba.log and/or SMBtconX.* files etc...
Kris
More information about the samba-technical
mailing list