server security & 1 bad login each time

Christopher Kranz clk at CS.Princeton.EDU
Sun Sep 20 12:50:01 GMT 1998

There was some discussion on this just a few weeks back.  Look for the
following subject:

'samba error message - "broken (and insecure) behavior"'

In short, this is done on purpose to determine if the NT server is
broken.  Why it has to check for each and every login attempt is
unclear.  It breaks things when a common login is used (say for a lab or
classroom) and you have things set up so that accounts get locked out
after so many bad login attempts.  The result is that my common accounts
get locked out at the start of class because of the bad login attempts.

I was planning on commenting out the code in password.c.  Since I really
don't have a choice for my password server it does not matter if it is
broken (which in my case it apparently is not).

Christopher Kranz        |   Systems Programmer   | clk at CS.Princeton.EDU
35 Olden St., Room 211   | Computer Science Dept. | Voice: 609-258-1747
Princeton, NJ 08544-2087 |  Princeton University  |   FAX: 609-258-1771
==========================PGP V2.6.2 key available======================
    "I may make you feel but I can't make you think" -  Ian Anderson

More information about the samba mailing list