password server problem

Mon Jul 13 18:30:17 GMT 1998

Hi Rainer,

there is a problem in 1.9.18p8 that prevents the use of "security =
server". Jeremy fixed this and the fix will be in 1.9.18p9. In the
meanwhile, here's the patch you need to use:

--- samba-1.9.18p8.orig/source/reply.c
+++ samba-1.9.18p8/source/reply.c
@@ -409,6 +409,7 @@
   pstring smb_ntpasswd;
   BOOL valid_nt_password = False;
   pstring user;
+  pstring orig_user;
   BOOL guest=False;
   BOOL computer_id=False;
   static BOOL done_sesssetup = False;
@@ -587,6 +588,14 @@
   reload_services(True);
 
   /*
+   * Save the username before mapping. We will use
+   * the original username sent to us for security=server
+   * checking.
+   */
+
+  pstrcpy( orig_user, user);
+
+  /*
    * Pass the user through the NT -> unix user mapping
    * function.
    */
@@ -609,7 +618,8 @@
     guest = True;
 
   if (!guest && !(lp_security() == SEC_SERVER && 
-		  server_validate(user, domain, 
+      /* Check with orig_user for security=server. */
+	  server_validate(orig_user, domain, 
 				  smb_apasswd, smb_apasslen, 
 				  smb_ntpasswd, smb_ntpasslen)) &&
       !check_hosts_equiv(user))
   
Apply this, recompile, and everything should be fine.

rainer.von-bongartz at db.com wrote:
> 
> We are using samba with a NT4.0 Primary Domain Controller as a samba password
> server.
> 
> Logon validation on the primary domain controller works fine, the NT machine
> validates the user password.
> 
> BUT:    On the NT PDC the event log shows  numerous entries saying:
>           Unknown user or wrong password
> 
> Did anybody experience this too ????
> 
> Rainer von Bongartz
> /D/I/L/
> rainer.von-bongartz at dil.de
> 
> 
> 
> 

-- 

Eloy A. Paris
Information Technology Department
Rockwell Automation Venezuela
Telephone: +58-2-9432311 Fax: +58-2-9431645
