security = server accepts TWO passwords?

Elfredy V. Cadapan evc at
Fri Oct 17 18:16:27 GMT 1997


I've a subnet behind a Linux router that is also the domain server,
WINS server and browse master for the domain:

| PC | -----         Host 1              Host 2
------     |  -------------------    ---------------------
------     |--| Domain  (samba, |----| Password (samba,  |
| PC | -----  | master  Linux)  |    | server    Solaris |
------        -------------------    ---------------------

I've gotten the Win95 PCs to authenticate off Host 1. Host 2 is also
a Samba server that provides filespace for the PCs. Host 2 is on 
a separate Ethernet subnet from the PC subnet... and I my PCs can browse
it normally (Samba 1.9.17p2).

However, when I set security=server and password server=host2 on Host 1,
I find that I can login on the PCs using the user's password on either
Host1 or Host2. (no encryption)
if I type the user's password for Host 2, a level 2 log shows

negprot passwd accepted

and logs me in - my expected behavior.
If I use the users password for Host 1 (which I do not want to do - I
want all authentication off Host 2) it still allows me to log onto the
domain, even though the logs show

negprot password rejected

Is this normal behavior? Does security = server mean accept both the 
local passwd on the domain server AND the password server?

 Elfredy Cadapan                  
  Institute of Computer Science, UP at Los Banos               
  Home page :

More information about the samba mailing list