security = server broken?

[Jeremy Allison]

Samuel,

        This is probably due to the NetWkstUserLogon
check we added in 1.9.18 due to an NT bug where some
NT servers allowed a non-existant user with any password
on as guest (as they were configured to do), but then
failed to set the guest bit in the response to the
Samba server - leaving the Samba server thinking
they were a valid, real user (think of the problem
with someone logging on as user 'root' with a garbage
password to realize why we had to add the check code :-).

If you are sure that your NT systems don't suffer
from this bug you can re-compile Samba versions
1.9.18p0-p2 by changing the compile-time constant
in local.h that controls this check (change the line
that says :

#define USE_NETWKSTAUSERLOGON 1

to :

#define USE_NETWKSTAUSERLOGON 0

in local.h).

With 1.9.18p3 this is now a run-time parameter - 
check the release notes for details.

Hope this helps,

        Jeremy Allison,
        Samba Team.

-- 
--------------------------------------------------------
Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.
--------------------------------------------------------