Bug 2874 - Password change -- Wbinfo and Winbind allow BOTH OLD
& NEW passwords to work..
Jeremy Allison
jra at samba.org
Mon Oct 3 20:11:28 GMT 2005
On Mon, Oct 03, 2005 at 04:00:17PM -0400, Brian Moran wrote:
> One of our employees is seeing that BOTH old and new passwords work just
> after he's changed his password on the domain...
>
>
>
> <Change domain password on domain to which his Linux workstation is
> joined>
>
>
>
> wbinfo -a CORP+aglabek%<new password>
>
> challenge/response password authentication succeeded
>
>
>
> wbinfo -a CORP+aglabek%<old password>
>
> challenge/response password authentication succeeded
>
>
>
> wbinfo -a CORP+aglabek%<some random characters (bad password)>
>
> challenge/response password authentication failed
>
>
>
> Looks like this is the same as 2874. What additional information is
> required to verify and squash this one?
Debug level 10 log from winbindd. I wonder if it's authenticating
against a pdc and bdc which haven't replicated yet, or it's password
history....
Jeremy.
More information about the samba-technical
mailing list