encrypt passwords=no, security=yes, samba 2.2.8, W2K user aut
h fails
MCCALL,DON (HP-USA,ex1)
don_mccall at hp.com
Fri Mar 28 14:13:14 GMT 2003
Hi Tony,
Can't make it happen here on my HP-UX system, and I don't have a Solaris
system to test on. But if you want to get me a log level 10 debug of
the issue, and the output of testparm, I'll see if I can spot anything.
Send the log and testparm off list, and compressed, ok?
Don
> -----Original Message-----
> From: tony shepherd [mailto:tony.shepherd at sun.com]
> Sent: Thursday, March 27, 2003 23:31
> To: MCCALL,DON (HP-USA,ex1); samba-technical at samba.org
> Subject: RE: encrypt passwords=no, security=yes, samba 2.2.8, W2K user
> aut h fails
>
>
>
>
> --On Thursday, March 27, 2003 10:06:08 AM -0500 "MCCALL,DON
> (HP-USA,ex1)"
> <don_mccall at hp.com> wrote:
>
> > Hi tony,
> > based on your log file, it sure does APPEAR that you have
> NOT turned off
> > encrypted passwords,
> > as samba is trying to open
> /usr/local/samba/private/smbpasswd. It should
> > only do that if it negotiated encrypted passwords in the
> negot prot call,
> > which it should only be able to do if encrypted passwords
> is set to yes.
> >
> > I note that you are including ANOTHER smb.conf file at the
> end of your
> > global section; please check there and see if you have an encrypt
> > passwords = yes, and/or include the contents of that
> smb.conf file as
> > well in your next message to the list, ok?
> > include=/etc/sfw/local-smb.conf
>
> local-smb.conf is an empty file. I don't have another
> encrypt passwords =
> yes anywhere in the config file.
>
> What is weird is that I can eventually authenticate after I
> change the
> username I try to authenticate with and then change back again.
>
> So, this looks like a bug? I wonder whether it only effects Solaris
> systems. I would have thought others would have fallen across it.
>
> I can't code, but I can provide logs and testing. Please let
> me know if I
> can help at all.
>
> tony
>
>
>
> >> -----Original Message-----
> >> From: tony shepherd [mailto:tony.shepherd at sun.com]
> >> Sent: Tuesday, March 25, 2003 21:31
> >> To: samba-technical at samba.org
> >> Cc: tony.shepherd
> >> Subject: BUG: encrypt passwords=no, security=yes, samba
> >> 2.2.8, W2K user
> >> auth fails
> >>
> >>
> >> folks
> >>
> >> **
> >> I am not on this mail list. Can all replied please be Cc'ed
> >> to me as well.
> >> **
> >>
> >> I have come across the following bug using samba 2.2.8 (in
> >> the throws of
> >> upgrading from 2.0.10 to fix security vul).
> >>
> >> I discovered this bug using a W2K system; it was not present
> >> when testing
> >> with win98. I am running the samba server on a solaris 9 system.
> >>
> >> I am using "encrypt passwords = no" and "security=user" and
> >> using the Unix
> >> passwords for authentication. Registry modification have
> >> been made to the
> >> windows system.
> >>
> >> To replicate the bug, I do the following:
> >>
> >> * log onto w2k system as user ts74081, passwd: fred
> >> * try and open the share: \\huey\ts74081. As my password is
> >> different
> >> between the windows system and the samba server, it
> prompts me for a
> >> username/password pair. I give the correct values but I
> >> still get rejected.
> >> * I then try to access the share as a different user (one
> >> that does not
> >> exist on the system): username fred, passwd fred. Naturally
> >> it fails.
> >> * I then try again with the proper username/password pair and I get
> >> authenticated correctly and the share is made available.
> >>
> >>
> >> If I do not try and authenticate as a different user before
> >> retrying with
> >> the proper username, it will continue to fail to authenticate.
> >>
> >> I have attached debug 3 logs of the above scenario as well as
> >> the smb.conf
> >> I am using.
> >>
> >> If I change the security parameter to "security=share", the
> >> above bug does
> >> not show itself.
> >>
> >>
> >> thanks
> >>
> >> tony
> >>
> >>
>
>
More information about the samba-technical
mailing list