password change block for 3.0.14
lukeh at padl.com
Fri Apr 8 04:05:19 GMT 2005
Also, before Windows issues a password change RPC, it makes a SAM
RPC to retrieve the password policy; this determines which RPC is
subsequently used to change the user's password.
>From: "Gerald (Jerry) Carter" <jerry at samba.org>
>Subject: Re: password change block for 3.0.14
>To: "Gerald (Jerry) Carter" <jerry at samba.org>
>Cc: Multiple recipients of list SAMBA-TECHNICAL <samba-technical at samba.org>
>Date: Thu, 07 Apr 2005 23:00:32 -0500
>-----BEGIN PGP SIGNED MESSAGE-----
>Gerald (Jerry) Carter wrote:
>| Gerald (Jerry) Carter wrote:
>| | I've hit a stumbling block for 3.0.14 (fixes for Win2003 sp1).
>| | A user logged onto a Win2k sp1 client cannot change her password
>| | on a Samba DC.
>| | The client uses an older RPC against a Samba PDC (samr 0x26 -
>| | ChangePasswordUser() ). Where as as when joined to an NT 4 Domain,
>| | the client uses a different call ( samr 0x37 -
>| | SamrUnicodeChangePWUser2() ).
>| | My best guess is that the change is caused by the NTLMSSP auth
>| | negotiate tagged onto the RPC bind ACK from the Samba box.
>| This should have said absence of NTLMSSP auth (privacy) when
>| talking to the Samba box. However, apparently Samba 3 doesn't
>| have server support for the NTLMSSP AUTH on rpc binds.
>| I found the rpc fault ealier up in the trace.
>scratch that. Last mail tonight I think. The issue is the presence
>of multiple context id's causing us to misparse the pdu.
>-----BEGIN PGP SIGNATURE-----
>Version: GnuPG v1.2.5 (GNU/Linux)
>Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
>-----END PGP SIGNATURE-----
More information about the samba-technical