password server (PR#1028)

m.forster at m.forster at
Thu Oct 23 17:42:44 GMT 1997

> Date: Wed, 22 Oct 1997 10:24:40 +1000
> From: Andrew Tridgell <samba-bugs at>
> Subject: Re: password server (PR#1028)
> You would be much better off upgrading to 1.9.17p4. I rewrote the password
> server code for p4 and one of the things I changed was to check for a .
> in the name and take the part before the first . as the netbios name. This
> is consistent with what smbclient does.
> The new code is also a lot cleaner and also fixes a potential security hole
> if your NT server is misconfigured (some NT servers were accepting 
> session setup connections with any password on unknown usernames and not
> setting the guest bit in the reply). The new code does a full 
> NetWkstaUserLogon to verify that the password server really meant yes
> when it said yes.
> Andrew

Is it possible to give details of exactly what misconfiguration on the
NT password server creates this problem (so it can be remedied if it
exists)? Also, if samba has root in its invalid users list, does this
guarantee that root access cannot be obtained on a pre-p4 samba server?


  Mark Forster.

       ( m.forster at )

Centre for Computing Services,  Mech. Eng. Building,  Imperial College,
Exhibition Road,  London SW7 2BX,  United Kingdom.  Phone (+44) 0171-594 6918
