NT and samba, passwords needed more than once

Stephen L Arnold arnold.steve at ensco.com
Mon Jul 12 20:19:29 GMT 1999

When the world was young, Christoph Martyn 
<christoph.martyn at curry.de> carved some runes like this:  

> I have a little workgroup with two samba servers (RH 5.2, Samba
> 1.18 and RH 5.2, Samba 2.04b), two Win98 and two NT clients. I
> enabled cleartext passwords on the samba servers and did the
> registry hacks. I can see both samba servers in the browse list.
> User names and passwords are the same on the Win98, NT and Linux
> computers. While it is no problem to connect to the samba shares
> with the Win98 computers, there is a little annoyance (sometimes
> a problem) with the NT computers: when you first try to connect
> to a samba share, there comes a message "wrong password, connect
> as" and you have to retype your name and password. In 95% of the
> cases you get connected to the share afterwards, so this is just
> a little annoyance, but one that my users complain about all the
> time. Very rarely it is not possible to connect to the samba
> share at all and you have to reboot the computer in order to
> connect to a samba share! 
> As a consequence of this problem I also can only print to the
> printers connected to the samba server after manually connecting
> to a share on the server. 

I think this should help clear things up (from WinNT.txt):

> One of the most annoying problems with WinNT is that NT refuses to
> connect to a server that is in user level security mode and that
> doesn't support password encryption unless it first prompts the user for
> a password.
> This means even if you have the same password on the NT box and the
> Samba server you will get prompted for a password. Entering the correct
> password will get you connected only if Windows NT can communicate with
> Samba using a compatible mode of password security.
> All versions of Windows NT prior to 4.0 Service Pack 3 could
> negotiate plain text (clear text) passwords. Windows NT 4.0 Service Pack
> 3 changed this default behaviour so it now will only handle encrypted
> passwords. The following registry entry change will re-enable clear text
> password handling:
> Run regedt32.exe and locate the hive key entry:
> HKEY_LOCAL_MACHINE\system\CurrentControlSet\Services\Rdr\Parameters\
> Add the following value:
>  EnablePlainTextPassword:REG_DWORD=1
> Alternatively, use the NT4_PlainPassword.reg file in this directory
> (either by double clicking on it, or run regedt32.exe and select "Import
> Registry File" from the "Registry" Menu).
> The other major ramification of this feature of NT is that it can't
> browse a user level non-encrypted server unless it already has a
> connection open. This is because there is no spot for a password prompt
> in the browser window. It works fine if you already have a drive mounted
> (for example, one auto mounted on startup).

The solution to not being able to browse a user-level samba server 
in NetHood is to open a command prompt on the NT box and mount a 
share (don't forget to use the username switch) as a local drive.  
You can then browse other shares from windoze exploder.  

You may have a binary samba package that doesn't have the complete 
set of docs (on linux, check /usr/doc/samba-x.xx).  If so, check 
the samba web pages; all the included docs (as well as a few 
others) are online.  You can also download one or more source 
packages.  The 1.9.x and 2.0 docs are a little different; some new 
things are specific to the new 2.0 version, but some of the more 
general docs (such as Browsing.txt) have been expanded (thus the 
2.0 docs will help even if you're still running an older version).

Hope this helps, Steve

Stephen L Arnold                      http://www.rain.org/~sarnold
#include <std_disclaimer.h>

More information about the samba mailing list