[Samba] Strange error message when a user can't change password
mk at crc.dk
Tue Sep 24 13:10:01 GMT 2002
Mogens Kjaer wrote:
> Bradley W. Langhorst wrote:
>>> However, if a user selects a password that is too short,
>>> he/she will get a misleading error message saying that
>>> the _old_ password is wrong.
>>> This occurs both when the user is on a w2k machine or
>>> on a win95 machine.
>>> How do I set it up so that the user is given
>>> a better error message?
>> I don't think you can...
>> I gave up on that problem a while ago.
>> I'd love to be proved wrong though...
> I can see from the source code in source/smbd/lanman.c
> that the error code returned from samba is 86:
> #define NERR_badpass 86
I have learned a few things...
I got it to work with w2k clients,
by modifying source/rpc_server/srv_samr_nt.c:
change NT_STATUS_WRONG_PASSWORD into
I have found a description of the error codes
for win9x clients in:
in section 13: SAMOEMCHANGEPASSWORD
The transaction response parameters section consists of:
@ A 16 bit word indicating the return status. The possible values are:
Code Valu Description
NERR_Success 0 No errors encountered
ERROR_ACCESS_DENIED 5 User has insufficient privilege
ERROR-INVALID-PASSWORD 86 The specified password is invalid
NERR_PasswordCantChange 2243 The password cannot be changed
NERR_PasswordTooShort 2246 The password is too short
So I changed the error code 86 into 2246 - but the error
message I get in win95 is: "The password of this user is
too recent to change".
I can see in ethereal that a response packet with the error
number 2246 is indeed sent from samba. The text displayed
by ethereal for this error message is "The password is too short".
I don't know why windows doesn't display the right message...
Mogens Kjaer, Carlsberg Laboratory, Dept. of Chemistry
Gamle Carlsberg Vej 10, DK-2500 Valby, Denmark
Phone: +45 33 27 53 25, Fax: +45 33 27 47 08
Email: mk at crc.dk Homepage: http://www.crc.dk
More information about the samba