Has smbclient behavior changed from 2.2.8a to 3.0.0?

Andrew Bartlett abartlet at samba.org
Tue Nov 11 07:54:24 GMT 2003

On Wed, 2003-11-05 at 12:32, Brenden J. Bain wrote:
> Hi All,
> Sorry if this is redundant. My in my last e-mail is that Samba 3.0.0
> already drops to a 139 connection when executing the "NetServerEnum2"
> call. That is, the client first connects to 445 to execute the
> "NetServerEnum" and then reconnects to the same server on 139 for the
> "NetServerEnum2" call. This is coded in the "static int
> do_host_query(char *query_host)" function from client/client.c in my
> Samba 3.0.0 source.
> As for adding "-p 139" still does not work as already reported. The
> client is forced to connect to the server on 139, however, the
> "NetServerEnum2" call is still empty.
> Again in all these cases the "NetServerEnum2" call to port 139
> has the server name in the "Enumeration Domain" rather than the
> workgroup/domain name. I still can't see why the "Enumeration Domain"
> should be set to the server name over the workgroup/domain name,
> especially for 139 connections.
> I had a quick glance through the source. To me it seems that
> extended security could cause the problem. In the
> client/client.c the workgroups are listed in "static BOOL
> list_servers(char*wk_grp):2039" with the call:
>   cli_NetServerEnum(cli, cli->server_domain, SV_TYPE_DOMAIN_ENUM,
>                     server_fn, NULL);
> Now "cli->server_domain" is set in "cli_session_setup". Now my client
> authenticates over extended security using "ntlmssp". In the
> libsmb/cliconnect.c the function 
> "static BOOL cli_session_setup_ntlmssp:523" cli->server_domain is set
> in the following:
> 	if (NT_STATUS_IS_OK(nt_status)) {
> 		fstrcpy(cli->server_domain, ntlmssp_state->server_domain);
> 		set_cli_session_key(cli, ntlmssp_state->session_key);
> 	}
> From my ethereal traces the "server_domain" is the name of the server
> that I contacted rather than the workgroup it is associated with.
> Hence when eventually I make the call to cli_NetServerEnum it is passed
> the server name rather than "domain/workgroup".
> This could be a result of our setup. We basically have a highly dynamic
> netbios lan. The server I connect to is not part of any "domain" (though
> it is part of a workgroup) and as such it may be correct to send the
> machine name back to the client. On the other hand, as
> extended security was negotiated with the XP box, maybe XP thinks the
> client is another XP/2000 box and ignores all concepts of NetBIOS names.

No, they are independent.

> The problem is solved when we are forced to connect to a machine using
> the old "NTLM" or "LM" hashes as the workgroup name is correctly
> returned by the server and set in "struct cli".
> Maybe Samba should not use extended security when trying to connect on
> port 139? Then again I could be completely wrong.

No, but it looks like we should not be using the domain from the NTLMSSP
packet (as it is the authentication domain), but instead the workgroup
from the end of the session-setup reply.

Andrew Bartlett

Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net
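
The distinction drawn in the reply above, as an added example that is not part of the original message or of Samba's source: the NTLMSSP challenge carries an authentication domain (the server's own name on a standalone machine), while the workgroup is the last of the strings at the end of the session-setup reply. The function names and the sample host "XPBOX" in workgroup "HOMELAN" are constructed; the trailer parser assumes OEM (non-Unicode) strings and that the caller has already skipped the security blob.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

static uint32_t le(const uint8_t *p, int n) {      /* little-endian read */
    uint32_t v = 0;
    while (n--) v = (v << 8) | p[n];
    return v;
}

/* TargetName of an NTLMSSP CHALLENGE (type 2): the authentication domain.
 * Returns 0 on success, -1 if malformed or out too small. Non-ASCII -> '?'. */
int ntlmssp_target_name(const uint8_t *m, size_t len, char *out, size_t outsz) {
    if (len < 32 || memcmp(m, "NTLMSSP\0", 8) != 0 || le(m + 8, 4) != 2) return -1;
    size_t nlen = le(m + 12, 2), off = le(m + 16, 4);
    int unicode = le(m + 20, 4) & 0x1;             /* NTLMSSP_NEGOTIATE_UNICODE */
    size_t step = unicode ? 2 : 1, chars = nlen / step;
    if (off > len || nlen > len - off || chars + 1 > outsz) return -1;
    for (size_t i = 0; i < chars; i++) {
        const uint8_t *c = m + off + i * step;
        out[i] = ((unicode && c[1]) || c[0] > 0x7e) ? '?' : (char)c[0];
    }
    out[chars] = '\0';
    return 0;
}

/* Workgroup: third NUL-terminated OEM string, after NativeOS and NativeLanMan. */
int session_setup_workgroup(const uint8_t *b, size_t len, char *out, size_t outsz) {
    const uint8_t *nul;
    for (int skip = 0; skip < 2; skip++) {         /* NativeOS, NativeLanMan */
        if (!(nul = memchr(b, 0, len))) return -1; /* unterminated string */
        len -= (size_t)(nul - b) + 1; b = nul + 1;
    }
    if (!(nul = memchr(b, 0, len)) || (size_t)(nul - b) + 1 > outsz) return -1;
    memcpy(out, b, (size_t)(nul - b) + 1);
    return 0;
}

/* Constructed samples: standalone server "XPBOX" in workgroup "HOMELAN". */
static const uint8_t CHALLENGE[] = "NTLMSSP\0" "\x02\0\0\0" "\x0a\0\x0a\0" "\x30\0\0\0"
    "\x05\x02\x02\0" "\x11\x22\x33\x44\x55\x66\x77\x88" "\0\0\0\0\0\0\0\0"
    "\0\0\0\0\0\0\0\0" "X\0P\0B\0O\0X\0";
static const uint8_t TRAILER[] = "Windows 5.1\0Windows 2000 LAN Manager\0HOMELAN";
int main(void) {
    char auth[64] = "?", wg[64] = "?";
    ntlmssp_target_name(CHALLENGE, sizeof CHALLENGE - 1, auth, sizeof auth);
    session_setup_workgroup(TRAILER, sizeof TRAILER, wg, sizeof wg);
    return printf("NTLMSSP target: %s\nworkgroup: %s\n", auth, wg) < 0;
}
```

Both parsers reject truncated input and undersized output buffers rather than reading or writing past the end, which matters because every length and offset here comes from the remote server.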