Users able to connect without password?! (2.0.7)

David Lane dlane at egressive.com
Mon May 7 00:04:33 GMT 2001 

Hi folks,

I'm having a strange problem with a client for whom I've set up Samba (2.0.7 
- packages samba-common-2.0.7-18mdk & samba-2.0.7-18mdk) on a server with 
Linux-Mandrake 7.2.   The client uses both Win95 and Win98 workstations.  

The problem is that there appears to be no password checking at all, i.e a 
user with a valid login (i.e. a user in /etc/smbuser) can login without a 
password or even with a wrong one.  They can cancel out of the subsequent 
Windows Logon, but still get their proper [homes] share and other network 
drive mappings (using a batch file in the [netlogon] share).   

Has anyone ever seen this before??

I have implemented roaming profiles, and am using domain logins.   Note, all 
smbusers are members of unix group "staff".  

Could this be a shadow passwords issue?  Pam??  I've used Webmin to 
synchronise the smbpasswd file to the /etc/passwd file.  

My /etc/smb.conf file is below for reference (note, I've commented out 
options I tried to see if they'd change the situation, but which didn't make 
a difference)

Thanks for any insight anyone might be able to provide.  Regards,

Dave Lane

--------- /etc/smb.conf ------------------

# Samba config file created using SWAT
# from UNKNOWN (0.0.0.0)
# Date: 2001/04/30 16:47:07
 
# Global parameters
[global]
        netbios name = SERVER
        server string = File Server
        interfaces = eth0
        bind interfaces only = Yes
        encrypt passwords = Yes
#       unix password sync = Yes
        debug level = 5
        log file = /var/log/samba/log.%m
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        logon script = netlogon.bat
        logon home = /home/%U
        domain logons = Yes
#       preferred master = Yes
        domain master = Yes
        comment = Linux Server running Samba
#       guest account = ftp
#       valid users = @staff
#       read list = @staff
#       write list = @staff
        oplocks = No
#       null passwords = No
 
[netlogon]
        path = /home/netlogon
 
[homes]
        comment = Home Directories
        writeable = Yes
 
[printers]
        comment = All Printers
        path = /var/spool/samba
        printable = Yes
 
[share]
        path = /home/share
        writeable = Yes
        create mask = 0777
        directory mask = 0777
 
[apps]
        path = /home/apps
        writeable = Yes
        create mask = 0777
        directory mask = 0777
 
[mail]
        path = /home/mail
        writeable = Yes
        create mask = 0733
        directory mask = 0733
 
[backup]
        comment = share for backup of user data
        path = /home/sambadirs


-- 
*********************************************************************
* David Lane, Director  www.egressive.co.nz | dlane at egressive.co.nz *
* Linux: it just tastes better.		  Christchurch, New Zealand *
*********************************************************************

More information about the samba mailing list