server allows users as non-guest with bad password

David Collier-Brown - Sun Canada davecb at
Mon Apr 3 17:23:37 GMT 2000

Michael wrote:
| occasionally Samba will not let a certain user connect, saying
| the password is incorrect (even though it is correct).  [...]
| I get the following error message in my log.smb when this happens
| (IP address below is fake):
| [2000/04/03 12:09:22, 0] smbd/password.c:(1118)
|	server_validate: [1] password server allows users as
|	non-guest with a bad password.
| [2000/04/03 12:09:22, 0] smbd/password.c:(1120)
|	server_validate: [1] This is broken (and insecure) behaviour. Please do
|	not use this machine as the password server.

	Oy veh!
	My leaky memory says this is a problem from a while ago
	in which NT returns a "success" indication despite the
	user mistyping their password. This is A Bad Thing, and
	Samba would prefer to authenticate with servers who don't
	do that.
	If the user's passwords are actually correct (eg, they come
	straight from a .pwl file), then NT is befuddled.  If not,
	NT is trying to befuddle Samba (;-)) In either case, snooping
	the packets may tell us what to do about it...
	In the meantime, do you have any other machine to play
	authentication server?
David Collier-Brown in Boston
Phone: (781) 442-0734, Room BUR03-3632

More information about the samba mailing list