Passwords fail from Win95 but not from DOS (Samba 1.9.16p11/NetBSD)

Simon Greaves S.J.Greaves at hw.ac.uk
Thu Jul 31 17:00:09 GMT 1997 

Hi,

I'm having some problems with Samba 1.9.16p11 on a Sun3/60 running
NetBSD 1.2. I have a Win95 client and a couple of DOS clients on a
single ethernet segment (it's at home :-).

I've set up a simple configuration, intention was just to serve files
from the Sun to the PC's. Everything works perfectly except
authentication from the Win95 client. I can connect to the Samba
shares using smbclient and the DOS client without problems. Similarly,
if I set up a share (with a password) on the Win95 PC, I can connect
to it from the DOS clients and from smbclient. To make matters worse,
I have had this working before, but was using an older version of
samba and the Win95 upgrade. Due to hardware failure I am now using
Win95a (OEM version) with Service pack1 applied.

The Win95 client can happily browse the Sun, and can use the [tmp]
share (no password required), but when I try to use my homedir the
Win95 client will _NOT_ connect, I simply get the authentication
failed dialog. Needless to say, the password is correct (works from
the DOS client) and the username/passwords are the same on the PC &
Sun.

So, looks like a problem with the Win95 client config?
Hmmmm..... Turned on debugging and it looks like the Win95 client is
not passing the password to samba: 

	parsing net-path \\ZEPPO\SIMON, passlen=0
	Got device type ?????
	07/31/97 02:01:27 invalid username/password for simon
	07/31/97 02:01:27 error packet at line 131 cmd=117 (SMBtconX)
		eclass=2 ecode=2

this is using the NT LM 0.12 protocol (the default?). I noted that
the DOS client used DOS LM1.2X002, I added a 'protocol = LANMAN2'
statement to smb.conf. Tried to connect, the Win95 client uses an
appropriate protocol but still fails with similar messages.

So, I'm a bit stumped. Is this an encryption issue? - I noticed some
mention of 'challenge' in the logs. I have since compiled the DES
stuff in, but not yet tried it, I assumed using a lower protocol (even
tried COREPLUS) would fall back to using its authentication method.....

Anyone have any suggestions? I'll append some log extracts in the hope
it helps (the Samba host is zeppo, the Win95 PC is chico and the DOS
client is shagnasty).

Thanks,

Simon
-----

8<-=-=-=-=-=- smb.conf -=-=-=-=-=-

[global]
   printing = bsd
   printcap name = /etc/printcap
   load printers = yes
   guest account = nobody
   log file = /usr/local/samba/var/log.%m

[homes]
   comment = Home Directories
   browseable = no
   read only = no
   create mode = 0750

[printers]
   comment = All Printers
   browseable = no
   printable = yes
   public = no
   writable = no
   create mode = 0700

[tmp]
   comment = Temporary file space
   path = /tmp
   read only = yes
   public = yes

8<-=-=-=-=-=- Log for DOS Client (success) -=-=-=-=-=-

switch message SMBnegprot (pid 1235)
Requested protocol [PC NETWORK PROGRAM 1.0]
Requested protocol [MICROSOFT NETWORKS 3.0]
Requested protocol [DOS LM1.2X002]
Selected protocol DOS LM1.2X002
07/31/97 01:57:53 negprot index=2

...

switch message SMBsesssetupX (pid 1235)
sesssetupX:name=[SHAGNASTY]
SMB Password - pwlen = 24, challenge_done = 0
Checking password for user shagnasty (l=24)
Couldn't find user shagnasty
Registered username nobody for guest access
nobody is in 1 groups
9999 
uid 32767 registered to name nobody

...

switch message SMBtcon (pid 1235)
parsing connect string \\ZEPPO\SIMON
checking for home directory simon gave /home/simon
adding home directory simon at /home/simon
SMB Password - pwlen = 10, challenge_done = 0
Checking password for user nobody (l=10)
SMB Password - pwlen = 10, challenge_done = 0
Checking password for user simon (l=10)
ACCEPTED: session list username and given password ok
found free connection number 82
Connect path is /home/simon
simon is in 2 groups
20 0 
trying claim /usr/local/samba/var/locks STATUS. 1000
become_user uid=(0,501) gid=(20,20)
chdir to /home/simon
chdir to /
unbecome_user now uid=(0,0) gid=(0,0)
07/31/97 01:57:54 shagnasty (137.195.5.55) connect to service simon as user simon (uid=501,gid=20) (pid 1235)
07/31/97 01:57:54 tcon service=simon user=simon cnum=82

8<-=-=-=-=-=- Log for Win95 Client (failed) -=-=-=-=-=-

switch message SMBnegprot (pid 1255)
Requested protocol [PC NETWORK PROGRAM 1.0]
Requested protocol [MICROSOFT NETWORKS 3.0]
Requested protocol [DOS LM1.2X002]
Requested protocol [DOS LANMAN2.1]
Requested protocol [Windows for Workgroups 3.1a]
Requested protocol [NT LM 0.12]
Selected protocol NT LM 0.12
07/31/97 02:01:20 negprot index=5

...

switch message SMBsesssetupX (pid 1255)
Domain=[]  NativeOS=[GITGROUP] NativeLanMan=[Windows 4.0]
sesssetupX:name=[]
nobody is in 1 groups
9999 
uid 32767 registered to name nobody

...

switch message SMBtconX (pid 1255)
parsing net-path \\ZEPPO\IPC$, passlen=0
Got device type IPC
ACCEPTED: guest account and guest ok
found free connection number 12
Connect path is /tmp
become_user uid=(0,32767) gid=(9999,9999)
chdir to /tmp
chdir to /
unbecome_user now uid=(0,0) gid=(0,0)
07/31/97 02:01:20 chico (137.195.5.2) connect to service IPC$ as user nobody (uid=32767,gid=9999) (pid 1255)
07/31/97 02:01:20 tconX service=ipc$ user=nobody cnum=12

...

switch message SMBsesssetupX (pid 1255)
chdir to /
unbecome_user now uid=(0,0) gid=(0,0)
Domain=[GITGROUP]  NativeOS=[Windows 4.0] NativeLanMan=[Windows 4.0]
sesssetupX:name=[SIMON]
Registered username simon for guest access
adding home directory simon at /home/simon
simon is in 2 groups
20 0 
uid 501 registered to name simon

...

switch message SMBtrans (pid 1255)
become_user uid=(0,32767) gid=(9999,9999)
chdir to /tmp
trans <\PIPE\LANMAN> data=0 params=19 setup=0
Got API command 0 of form <WrLeh> <B13BWz> (tdscnt=0,tpscnt=19,mdrcnt=4096,mprcnt=8)
Doing RNetShareEnum
RNetShareEnum gave 4 entries of 4 (1 4096 167 4096)

...

switch message SMBtconX (pid 1255)
chdir to /
unbecome_user now uid=(0,0) gid=(0,0)
parsing net-path \\ZEPPO\SIMON, passlen=0
Got device type ?????
07/31/97 02:01:27 invalid username/password for simon
07/31/97 02:01:27 error packet at line 131 cmd=117 (SMBtconX) eclass=2 ecode=2

8<-=-=-=-=-=- End of logfiles -=-=-=-=-=-


Simon
--
Simon Greaves					email:	S.J.Greaves at hw.ac.uk
Systems development manager			phone:	+44 (0) 131 451 3265
Computer Centre, Heriot-Watt University		fax:	+44 (0) 131 451 3261
Edinburgh, EH14 4AS, UK

More information about the samba mailing list