sudden loss of password validation
andre.albsmeier at mchp.siemens.de
Wed Sep 1 18:49:22 GMT 1999
On Thu, 02-Sep-1999 at 04:10:04 +1000, Nicholas Tang wrote:
> On Wed, 1 Sep 1999, David Baird wrote:
> > The problem: Strangely, the PDC rejects user password challenges from Samba.
> > The user account gets locked. After unlocking the account, everything is
> > back to normal. This happens several times a day to different users and from
> > different Samba servers. All Samba servers have the same [global]
> > configuration.
> I ran into a similar problem when moving to 2.0.3 from 1.9.x - switching
> to using DOMAIN security fixed it for me. You might want to consider
> trying that where you are.
Same here. My users complained that sometimes the client fails to mount
a share. After a while it works again. This never happend with 1.9.x.
I have played around a little in smb_password_check() with DEBUG_PASSWORD
and a debug level > 100. Everytime it fails, the encrypted string handed
over by the client to smbd contained a lot of '\0' chars. This wasn't
the case when the connection was accepted.
I have moved around the problem by changing reply.c so that
the user is first authenticated with the local smbpasswd file
and only if that fails it tries the PDC. This also makes mounting
the shares much faster since the test whether NT server is OK,
which is in password.c around line 1053, isn't needed anymore.
Of course, I had to put the users in smbpasswd...
More information about the samba