Problem linking SAMBA-2.0.6 on VMS-6.2

[John E. Malmberg]

georges.bert at Lafarge-Ciments.Lafarge.company wrote:
 >
 > Hello,
 >
 > I have successfully installed SAMBA-2.0.3 on a VAX running VMS-6.2.
 >
 > The problem I am faced to  now is that I need encrypted passwords
 > (because we have NT and W2K boxes). So I'm trying to install
 > SAMBA-2.0.6.

There are registry scripts to enable plain text passwords on NT and W2K
systems with the current UNIX SAMBA distribution.

 > The first step was to install Frontport. Since there was no C
 > compiler on the VAX, I copied the DECC$CRTL.OLB (V5.7) in sys$share.
 > After that (and some other minor modifications) I have been able to
 > link and start Frontport.
 >
 > The problem is that I can't link samba. I added
 > sys$share:DECC$CRTL.OLB/lib to the link command in
 > LINK_SAMBA_VMS.COM and I get the following error : Linking shared
 > image for UBIQX. Linking shared image for LIB. %LINK-E-OUTSIMG,
 > attempted store location %X000649FC is outside image binary (%X 00000000
 > to %X00000000) in psect ENVIRON module C$EXTERNDATA file
 > SYS$SYSROOT:[SYSLIB]DECC$CRTL.
 >
 > ("OpenVMS System Messages and Recovery Procedure Reference Manual"
 > explains that the problem comes from a common initialization in a
 > shreable image but it doesn't help me !).
 >
 > May be I made something stupid but I can't figure out where ... !

Because I did not test link FRONTPORT or SAMBA on a version of OpenVMS 
prior to 7.1, I did not realize that some of the CRTL routines that were 
added with 7.0 were missing wrappers with Frontport.  As a result, the 
object modules are compiled expecting a CRTL of 7.1 or later.

It might work to link them also with the DECC$CRTL.OLB.  It also may not 
work.

 > Can anybody help me or suggest a direction to explore ?

A. Enable plain text passwords.

B. Upgrade to a current version of OpenVMS.

C. Get the Compaq C Compiler.  GCC VAX might be able to compile the 
sources.  GCC VAX probably needs some updates from 
ftp://ftp.qsl.net/pub/wb8tyw/

D. If you have a home VAX system that is not used for commercial use, 
you can get a free hobby license for OpenVMS (any version) and the 
layered products, which includes the Compaq C compiler.

E. Get Pathworks client licenses and install Pathworks 6.x.  The 
licensing model no longer requires any client software, and you can get 
capacity licenses.  Pathworks 6.x and later can also become a resource 
domain of an NT domain.

Pathworks Server 6.x and later can also be used on OpenVMS to use DCL to 
do many user and share manipulations on an NT domain.  This 
functionality does not require client licenses.  This technology works 
better than the experimental methods in the SAMBA 3.x branch.

Note that plain text passwords are effectively only a vulnerability if 
you have problems with people able to capture packets off of your 
network.  If that is the case, other things are also at risk.

Encrypting the passwords only prevents those passwords from being used 
to attack non-windows systems.

It does not make the shares themselves more secure.

Normal Telnet and ftp have the same vulnerability.

-John
wb8tyw at qsl.network
Personal Opinion Only