server allows users as non-guest with bad password

Smith, Michael Michael.Smith at state.me.us
Mon Apr 3 16:35:48 GMT 2000


Hi y'all,

I have a little problem with Samba which I hope you can help me with.  We
are running Samba 2.0.4 on a Sun Enterprise 4500 with Solaris 7.  Clients
are mostly Win 9x and a few NT workstations (and one NT Terminal Server).  I
have security = server (password server is the NT Terminal Server).  What
happens is occasionally Samba will not let a certain user connect, saying
the password is incorrect (even though it is correct).  We run Samba as a
daemon (-D option).  When this happens, if I can isolate the smbd process
the user is using, I can kill it and then the user can log on.  If I can't,
I kill all of the ones owned by root (but not the parent process) and that
works.  I get the following error message in my log.smb when this happens
(IP address below is fake):

[2000/04/03 12:09:22, 0] smbd/password.c:(1118)
  server_validate: [1] password server 123.45.67.89 allows users as
non-guest with a bad password.
[2000/04/03 12:09:22, 0] smbd/password.c:(1120)
  server_validate: [1] This is broken (and insecure) behaviour. Please do
not use this machine as the password server.


Other folks have suggested using domain security, but that is not an option
right now.  Is there a way to fix this?

*******************
Michael R Smith
Senior Programmer/Analyst
Maine DEP GIS Unit
michael.smith at state.me.us
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/ms-tnef
Size: 2691 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba/attachments/20000403/87862a0f/attachment.bin


More information about the samba mailing list