Samba Issue

Andrew Bartlett abartlet at
Thu Aug 25 02:43:35 GMT 2005

On Thu, 2005-08-25 at 09:43 +0800, paul.bardeskar at wrote:
> Hi Andrew,
> Check the attached smb.conf file.
> I have changed the IP and the host name.

You have set 'security=share'.  In the current Samba3 code we do:

	if (lp_security() == SEC_SHARE) {
		/* in share level we should ignore any passwords */


		/* Then force it to null for the benfit of the code below */
		*user = 0;

In Samba 2.2 it was similar, but my point is simple - in security=share,
the username and password for a session setup (the thing your 'tool' is
testing) is ignored, so indeed it will 'find' dummy accounts.

Andrew Bartlett

Andrew Bartlett                      
Samba Developer, SuSE Labs, Novell Inc.
Authentication Developer, Samba Team 
Student Network Administrator, Hawker College
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :

More information about the samba-technical mailing list