No subject
Brian Haney
brian at cybernaut.com
Tue Dec 28 20:44:39 GMT 1999
For many moons, now, my Samba-on-Linux server (presently Samba 2.0.6) has
displayed some mildly annoying behavior (at least I think it is the Samba
server...it might be the NT workstation), to wit, whenever I login on a
Windows 95 workstation and browse over to the Samba server, it authenticates
me transparently, whereas when I login on a Window NT box and browse over to
the Samba server, I am prompted for a username and password before I can
view the Samba server's shares. I use the same username and password on all
three boxes.
To get to the bottom of this issue, I downloaded tcpdump-smb and traced the
dialog in each case (tcpdump -i eth1 -s 1500 port 137 or port 138 or port
139). In the case of Windows 95, I noticed the following packet:
13:45:18.836375 playhouse.1027 > gatekeeper.netbios-ssn: P 231:396(165) ack
90 win 8671 <nop,nop,timestamp 72480 31042
220>
>>> NBT Packet
flags=0x1
NBT Session Packet
Flags=0x101
Length=2058
found SMB packet at 12
SMB PACKET: SMBsesssetupX (REQUEST)
SMB Command = 0x73
Error class = 0x0
Error code = 0
Flags1 = 0x10
Flags2 = 0x0
Tree ID = 0
Proc ID = 5565
UID = 1
MID = 513
Word Count = 13
Com2=0x75
Res1=0x0
Off2=127
MaxBuffer=2920
MaxMpx=50
VcNumber=0
SessionKey=0xA90
CaseInsensitivePasswordLength=24
CaseSensitivePasswordLength=0
Res=0x0
Capabilities=0x1
Pass1&Pass2&Account&Domain&OS&LanMan=
[000] XX XX XX XX XX XX 00 00 00 00 00 00 00 00 00 42 XXXXXX.. .......B
[010] 52 49 41 4E 00 00 00 00 42 52 49 41 4E 00 43 59 RIAN.... BRIAN.CY
[020] 42 45 52 4E 41 55 54 49 58 00 57 69 6E 64 6F 77 BERNAUTI X.Window
[030] 73 20 34 2E 30 00 57 69 6E 64 6F 77 73 20 34 2E s 4.0.Wi ndows 4.
[040] 30 00 0.
(Playhouse is the Win95 box and gatekeeper the Linux box. I have masked the
password with 'X'.)
In the case of accessing Gatekeeper with the NT box, I notice a different
packet:
13:46:38.589912 specter.1574 > gatekeeper.netbios-ssn: P 247:393(146) ack 90
win 8671
>>> NBT Packet
NBT Session Packet
Flags=0x0
Length=142
SMB PACKET: SMBsesssetupX (REQUEST)
SMB Command = 0x73
Error class = 0x0
Error code = 0
Flags1 = 0x18
Flags2 = 0x3
Tree ID = 0
Proc ID = 51966
UID = 0
MID = 0
Word Count = 13
Com2=0x75
Res1=0x0
Off2=108
MaxBuffer=61440
MaxMpx=50
VcNumber=0
SessionKey=0xA96
CaseInsensitivePasswordLength=1
CaseSensitivePasswordLength=18255
Res=0x0
Capabilities=0xD4
Pass1&Pass2&Account&Domain&OS&LanMan=
[000] 00 00 43 59 42 45 52 4E 41 55 54 49 58 00 57 69 ..CYBERN AUTIX.Wi
[010] 6E 64 6F 77 73 20 4E 54 20 31 33 38 31 00 00 57 ndows NT 1381..W
[020] 69 6E 64 6F 77 73 20 4E 54 20 34 2E 30 00 00 indows N T 4.0..
It appears that the NT box simply did not offer the username and password.
Is this due to a registry setting on the NT box? Was there something I
overlooked in the conversation between the Win 95 and Linux boxes that
caused the Win 95 box to volunteer the username and password?
I would like to resolve this issue because I hope to deploy Linux in lieu of
NT for a friend of mine and I think logging in twice would annoy him
greatly.
--Brian Haney
brian at cybernaut.com www.cybernaut.com
President 800-762-8849
CyberNautix, Inc. Open Technology for the Digital Economy
More information about the samba
mailing list