Case sensitive password Win95 client
neil.hoggarth at physiol.ox.ac.uk
Thu Jun 22 08:51:02 GMT 2000
On Wed, 21 Jun 2000, Werner Maes wrote:
> I have a Samba server with domain logons enabled and with
> encrypt passwords=no. So I don't use the smbpasswd file, only
> the Unix password files.
> When I try to logon with a Win95 client (client for Microsoft Networks,
> logging on to a domain), people with mixed-case passwords cannot logon
> to the Samba logon server. Those with a password in lower case can logon
> without any problem.
As you have already found with your tcpdump trace, Windows machines that
are using cleartext password authentication convert the password to
upper case before sending it over the network. As far as I know, there
is *nothing* that can be done to prevent Windows from doing this.
If you are going to stick with cleartext passwords then your ideally
your users need to adopt single case passwords.
Mixed case passwords are one of the (many) advantages that you would
gain if you were to adopt encrypted authentication on your Samba server
(and yes, I realize that encrypted auth and maintaining an smbpasswd
file a pain in many other respects).
Neil Hoggarth Departmental Computer Officer
<neil.hoggarth at physiol.ox.ac.uk> Laboratory of Physiology
http://www.physiol.ox.ac.uk/~njh/ University of Oxford, UK
More information about the samba