problem with authentication to W2k

c.m.e.reniers at c.m.e.reniers at
Tue Mar 6 14:48:04 GMT 2001


We have a NT user which is a member of a "domain local" group in W2k.
We found that samba is unable to authenticate this user against the
W2K domain controller. We use security = domain.
There is no problem if the user is a member of a "global group".

We see the following error message in the log.smb file :

[2001/03/06 15:34:29, 0] ../source/rpc_parse/parse_prs.c:(316)
  prs_mem_get: reading data of size 60 would overrun buffer.
[2001/03/06 15:34:29, 0] ../source/smbd/password.c:(1469)
  domain_client_validate: unable to validate password for user hpinfo in domain COS
 to Domain controller COSDC0. Error was code 0.

   workgroup = cos
   os level = 0
   preferred master = no
   local master = no
   server string = fileserver hpfs7
   browse list = no
   domain master = no
   wins support = no
   wins server = xx.xx.xx.xx
   guest account = ntguest
   security = domain
   encrypt passwords = true
   password server = cosdc0,cosdc1
   preserve case = yes
   guest ok = no
   read only = no
   create mask = 640
   directory mask = 750
   socket options = TCP_NODELAY
   max log size = 600
   map archive = no
   printable = no
   debug level = 9
   nt acl support = no
   fstype = Samba
   dos filetime resolution = True
   veto files = /file:/
Does anybody know if there is a problem with "domain local" groups
and the authentication of samba for users which are a member of such a group.

It looks like some bufffer overflows ( as can be seen in the log.smb file ) when a
user is a member of a "domain local" group.

Eddy Reniers,
Philips Research Laboratories
Department Computer Services,  Building WYp - postbox WY01 
Prof.Holstlaan 4, 5656 AA Eindhoven, The Netherlands

Phone : +31-40-27-44327

Email  : c.m.e.reniers at

More information about the samba mailing list