security = server accepts TWO passwords?

John Blair jdblair at
Sun Oct 19 16:18:20 GMT 1997

>In other news, I'm still having a problem connecting to
>Samba 1.9.17(p2 or p3) using security = server from Win 95 and NT
>clients.  The password server is NT 3.51.  This ONLY happens to
>users who have restricted client access to the NT password server.
>I've tried listing the client, the Samba server, the NT server, and
>my mother's maiden NetBIOS name in the access list to no avail.
>Is anyone using Samba 1.9.17p2 or greater in a similar situation
>with success?  Giving users unrestricted access solves the problem.

Try granting the users with restricted client access the right to connect
to the server from the Samba server. Since unrestricted access solves the
problem, I'm guessing that when the Samba server connects to authenticate
the user, the NT server thinks the user is connectiong _from_ the Samba
server, sees that the user isn't allowed to connect from there, and refuses
to authenticate the password.  Somebody correct me if I'm wrong, but
doesn't Samba test the password in "security = server" mode by trying to
log into the password server?

>Strangely, using smbclient allows me to connect using either the
>NT password or the unix password.

Does connecting from Windows clients not let you use the UNIX password?  I
would think this behavior would be normal, as you stated at the beginning
of your message:

>Samba goes back to security = user if negotiation with the
>server fails.  Handy, I suppose, if your password server goes
>down and you'd like to be able to access your shares.


.                                                                    .
.....John.D.Blair...   mailto:jdblair at   phoneto:205.975.7123 .
                   .  faxto:205.975.7129 .
 ..sys|net.admin....                                                 .
 .                     the university computer center            .....

More information about the samba mailing list