DES Encryption

Richard Furda rfurda at wgss.net
Thu Dec 18 03:50:50 GMT 1997 

Hello,

I don't know if this is a bug of some sort, but I am running out of ideas. 

O/S:	  FreeBSD 2.2.5-stable 
Samba:  Version 1.9.17p4
Clients:  Win95 only

I am trying to get Samba to accpet Win95 clients logging on my FreeBSD
Samba domain logon server. 
If I empty (null) my password I can login, if I have an encrypted password
(/etc/passwd) it will not work. 

I will get:

"You have entered an incorrect password, or access to your logon server has
been denied."

I have read and followed the instructions in the docs/ENCRYPTION.txt for 
SMB encrypted (lanman) support.

In the Makefile I specified:

# This is for FreeBSD
# contributed by kuku at acds.physik.rwth-aachen.de
# NOTE: You may need to add -DBSD44 if you have password problems
FLAGSM = -DFreeBSD -DAUTOMOUNT -DUFC_CRYPT -DQUOTAS -DFAST_SHARE_MODES
LIBSM = -lcrypt 

# This is for SMB encrypted (lanman) passwords.
# you may wish to add -DREPLACE_GETPASS if your getpass() is limited
# to 8 chars
 DES_BASE=/usr/lib
 DES_FLAGS= -I$(DES_BASE)
 DES_LIB= -L$(DES_BASE) -ldes
 PASSWD_FLAGS=-DUSE_LIBDES -DSMB_PASSWD=\"$(BINDIR)/smbpasswd\"
-DSMB_PASSWD_FILE=\"$(BASEDIR)/private/smbpasswd\"

Samba will compile and run no problem. But it still give me the error
message of password being incorrect.

my config file is:

[global]
interfaces= 207.102.50.2/255.255.255.0
hosts allow = 207.102.50.0/255.255.255.0
remote announce =
207.102.50.15/207.102.50.31/207.102.50.63/207.102.50.127/207.102.50.255
os level = 33
workgroup = GATOR
netbios name = GATOR1
wins support = yes
browseable = yes
browse list = yes
preferred master = yes
local master = yes
domain logons = yes
admin users = @wheel
share modes = yes
socket options = TCP_NODELAY
fake oplocks = Yes
getwd cache = Yes
read raw = no
max xmit = 32768
nis homedir = true
encrypt passwords = yes
null passwords = yes
security = USER
log file = /var/log/samba.log
debug level = 5
logon script = /usr/local/samba/map-home.bat
short preserve case = yes
case sensitive = yes
preserve case = yes

;                       ==== WGSS Users =====
[homes]
writeable = yes
browseable = no
comment = %u's home directory
create mask = 0775

[netlogon]   
comment = Samba Network Logon Service
path = /home/netlogon
case sensitive = no
guest ok = no
browseable = no  
admin users = @wheel
writeable = yes

my /usr/local/samba/map-home.bat is done with MS Win95 Notepad: 
@ehoo off^
echo maping home directory...
net use g: \\gator1\netlogon /home

I run samba as:
/usr/local/sbin/smbd -D -s /usr/local/etc/smb.conf
/usr/local/sbin/nmbd -D -s /usr/local/etc/smb.conf

As you see in my smb.conf I have:

remote announce =
207.102.50.15/207.102.50.31/207.102.50.63/207.102.50.127/207.102.50.255
My network is subneted, the table is available at http://www.wgss.net/subnets

I have set Win95 to use the WINS Server to 207.102.50.2 (my freebsd server
running samba).

Also, my mapping does not work. If I login with an null/empty password, the
logon script
will not execute (/usr/local/samba/map-home.bat).. If i manually run it in
MS-DOS shell 
"net use g: \\gator1\netlogon /home", it will map it.
I did set chmod a+rx /usr/local/samba/map-home.bat
All I want with the map-home.bat is when a client loges in like riso,
/home/riso would be 
automatically mapped to G: or something...

As you see I turned the logging to level 5 for debugging purposes.
Nobody uses the samba server yet. When I do the loggin on part this is what
samba.log says 
about it:

12/17/97 19:39:58 changed root to /
priming nmbd
sending a packet of len 1 to (127.0.0.1) on port 137 of type DGRAM
12/17/97 19:39:58 Transaction 0 of length 72
netbios connect: name1=GATOR1           name2=RISO           
12/17/97 19:39:58 init msg_type=0x81 msg_flags=0x0
12/17/97 19:39:58 Transaction 1 of length 158
size=154
smb_com=0x72
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=0
smb_flg2=0
smb_tid=0
smb_pid=6237
smb_uid=0
smb_mid=41347
smt_wct=0
smb_bcc=119
switch message SMBnegprot (pid 18058)
Requested protocol [PC NETWORK PROGRAM 1.0]
Requested protocol [MICROSOFT NETWORKS 3.0]
Requested protocol [DOS LM1.2X002]
Requested protocol [DOS LANMAN2.1]
Requested protocol [Windows for Workgroups 3.1a]
Requested protocol [NT LM 0.12]
Selected protocol NT LM 0.12
12/17/97 19:39:58 negprot index=5
size=75
smb_com=0x72
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=128
smb_flg2=1
smb_tid=0
smb_pid=6237
smb_uid=0
smb_mid=41347
smt_wct=17
smb_vwv[0]=5 (0x5)
smb_vwv[1]=12801 (0x3201)
smb_vwv[2]=256 (0x100)
smb_vwv[3]=65280 (0xFF00)
smb_vwv[4]=255 (0xFF)
smb_vwv[5]=65280 (0xFF00)
smb_vwv[6]=255 (0xFF)
smb_vwv[7]=35328 (0x8A00)
smb_vwv[8]=70 (0x46)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=3 (0x3)
smb_vwv[11]=0 (0x0)
smb_vwv[12]=46651 (0xB63B)
smb_vwv[13]=26268 (0x669C)
smb_vwv[14]=48395 (0xBD0B)
smb_vwv[15]=57345 (0xE001)
smb_vwv[16]=1 (0x1)
smb_bcc=6
12/17/97 19:39:58 Transaction 2 of length 151
size=147
smb_com=0x73
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=16
smb_flg2=0
smb_tid=0
smb_pid=6237
smb_uid=1
smb_mid=41347
smt_wct=13
smb_vwv[0]=117 (0x75)
smb_vwv[1]=115 (0x73)
smb_vwv[2]=2920 (0xB68)
smb_vwv[3]=50 (0x32)
smb_vwv[4]=0 (0x0)
smb_vwv[5]=18058 (0x468A)
smb_vwv[6]=0 (0x0)
smb_vwv[7]=24 (0x18)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=0 (0x0)
smb_vwv[11]=0 (0x0)
smb_vwv[12]=0 (0x0)
smb_bcc=54
switch message SMBsesssetupX (pid 18058)
Domain=[]  NativeOS=[Windows 4.0] NativeLanMan=[Windows 4.0]
sesssetupX:name=[RISO]
Checking password for user riso (l=0)
12/17/97 19:39:59 error packet at line 530 cmd=115 (SMBsesssetupX) eclass=2
ecode=2
error string = No such file or directory
size=35
smb_com=0x73
smb_rcls=2
smb_reh=0
smb_err=2
smb_flg=128
smb_flg2=1
smb_tid=0
smb_pid=6237
smb_uid=1
smb_mid=41347
smt_wct=0
smb_bcc=0
end of file from client
Closing connections
smb_shm_close
fcntl_lock 4 9 0 1 3
Lock call successful
calling
smb_shm_unregister_process(/usr/local/samba/var/locks/SHARE_MEM_FILE.process
es, 18058)
smb_shm_unregister_process : read record for pid 18058
smb_shm_unregister_process : erasing record for pid 18058 (seek_val = -4)
fcntl_lock 4 9 0 1 2
Lock call successful
12/17/97 19:39:59 Server exit  (normal exit)


So I really don't know what to do now:-(

P.S.: Thanks in advance...

Richard Furda,
admin at wgss.net

More information about the samba mailing list