Red Hat 6.2 vs NT/Windows 2K

Mike O'Neill mikeo at redhillstudios.com
Fri Jan 26 21:56:34 GMT 2001


>> Alin,
>> 
>> This "encrypt passwords = no" had some good effect.  Now the log
>> indicates that it gets a little further, though there is still some
>> disagreement on the "true" password.  And, btw, that change did knock
>> of the Windows 95 clients, which previously worked.  I'll continue on
>> trying to get the encrypted passwords to match up.
>> 
>> Peter
> 
> You have win95 without SMB up-date and you need to put "update
> encrypted = yes". This is the only way to match the passwords
> unless you hack the registry of win98/nt/2000/me...
> Sorry for the delay, I was out of town.
> 
Just want to interject in case this info in not known.  The docs say this
about the subject...

<begin quote>
This boolean parameter allows a user logging on with a plaintext password to
have their encrypted (hashed) password in the smbpasswd file to be updated
automatically as they log on. This option allows a site to migrate from
plaintext password authentication (users authenticate with plaintext
password over the wire, and are checked against a UNIX account database) to
encrypted password authentication (the SMB challenge/response authentication
mechanism) without forcing all users to re-enter their passwords via
smbpasswd at the time the change is made. This is a convenience option to
allow the change over to encrypted passwords to be made over a longer
period. Once all users have encrypted representations of their passwords in
the smbpasswd file this parameter should be set to "off".

In order for this parameter to work correctly the "encrypt passwords"
parameter must be set to "no" when this parameter is set to "yes".
<end quote>
-mike





More information about the samba mailing list