is this a bug
Fulvio.Corno at polito.it
Wed Oct 15 09:38:23 GMT 1997
At 03:19 15/10/97 +1000, mfrattola at mail.enjoy.it wrote:
>Am I doing something wrong? Is revalidate mutually exclusive WRT security=user
>(I read many docs, and didn't find any clue about this)?
I can confirm that this is indeed the case. I wrote a message to the list in
October '96, in which I also suggested some additions to the documentation,
that unfortunately didn't get included.
For your convenience, I copy here an excerpt of my former message.
>Dear Samba List,
>I've just finished debugging a problem with user level security, so I let you
>all know. This is for 1.16p2, but I think it's common to most Samba versions.
>The "problem": user level security does NOT work if you have revalidate=true
>in your smb.conf
>The reason: in user level security, the password is never send, except in the
>initial session setup. Revalidate=true prevents samba from re-using the
>session setup password in tree connect commands, so no service can ever be
>connected, except public ones.
>The solution: It seems to me that this is a "correct" behavior (at least a
>very consistent one), I had trouble because it isn't documented anywhere. And,
>since I had a server with revalidate=true running in share level since years,
>when I switched to user level it took me a while to figure it out.
>I propose to add the following information into DIAGNOSIS.txt, in TEST 7:
>If it says "bad password" then the likely causes are:
>...all the current cases...
>- you are running in user level security with revalidate=True
>And maybe update the "revalidate" entry in the smb.conf man page to read:
> If "revalidate" is True then the client will be denied
> automatic access as the same username. Note that this will not
> work if the client is is user level security.
/ Fulvio Corno <corno at polito.it> / Dip. Automatica e Informatica /
/ Tel: +39 11 564.7053 / Politecnico di Torino /
/ Fax: +39 11 564.7099 / C.so Duca degli Abruzzi 24 /
/ http://www.polito.it/~corno / I-10129 TORINO (Italy) /
'============= CAD group: http://www_cad.polito.it =================='
More information about the samba