[Samba] 95 and NT cannot access shares
John H Terpstra
jht at samba.org
Mon Feb 24 17:54:40 GMT 2003
On Mon, 24 Feb 2003, William R. Knox wrote:
Bill,
Thanks for jumping in here. I'd like to reinforce your correction. Would
everyone please take note!
Someone who does a search on the samba mailing lists on this subject will
find many incorrect assertions regarding encrypted password support in MW
Windows products. Bill, your comments here are absolutely correct.
> The information provided here about the use of encrypted passwords is not
> true.
NOTE THIS NEXT STATEMENT!!
> NT began to ENFORCE the use of encrypted passwords with SP3, and
> Win95 the same with (I believe) OSR2, but ALL versions of these OSes
> supported encrypted passwords.
Please note also, that it is possible to use the PlainText registry hacks
to re-enable support for clear text passwords, but MS Windows clients will
cache only the encrypted password. This means that when the Windows client
drops a share connection (through time-out or for any other reason) then
on attempt to re-use the share the Windows client will send the encrypted
password in the attempt to reconnect (it does not have the plain text
password in it's cache). This can cause a blue screen problem and may
cause nasty application failures.
SO:
It is best NOT to use plain text passwords, instead use only encrypted
passwords - PARTICULARLY given that ALL MS Windows network clients support
encrypted passwords.
- John T.
>
> Bill Knox
> Senior Operating Systems Programmer/Analyst
> The MITRE Corporation
>
> On Mon, 24 Feb 2003, Don Zajic wrote:
>
> > Date: Mon, 24 Feb 2003 04:22:44 -0500
> > From: Don Zajic <donald.zajic at verizon.net>
> > To: 'Dave Ansell' <dave at theansells.com>, samba at lists.samba.org
> > Subject: RE: [Samba] 95 and NT cannot access shares
> >
> > Off the top of my head, I would say that using Encrypted passwords is
> > greate for W2K and XP, however, 95 does not use encrypted passwords and
> > unless you are using SP3 or above on NT, it also does not use encrypted
> > password. Since you are mixing your flavors of Windows from 95 to XP,
> > you probably need to disable encrypted password and use plain text
> > passwords throughout your domain.
> >
> > encrypt password = no
> >
> > You also need to apply the .reg files to change from encrypted to
> > plaintext according to your windows version. These .reg files are
> > located in your docs/Registry directory.
> >
> > Don Zajic
> >
> >
> > -----Original Message-----
> > From: samba-bounces+donald.zajic=verizon.net at lists.samba.org
> > [mailto:samba-bounces+donald.zajic=verizon.net at lists.samba.org] On
> > Behalf Of Dave Ansell
> > Sent: Sunday, February 23, 2003 4:07 AM
> > To: samba at lists.samba.org
> > Subject: [Samba] 95 and NT cannot access shares
> >
> >
> > I have file and print sharing set up on Linux (Mandrake 9.0).
> >
> > It all works fine with 2000 and XP clients, but 95 and NT clients don't
> > seem to be able to access.
> >
> > Any ideas?
> > Thanks,
> > Dave
> >
> >
> > Typical log entry from Samba:
> >
> > [2003/02/22 16:21:37, 0] smbd/service.c:make_connection(599)
> > wvo1314904 (192.168.1.10) Can't change directory to /home/samba/public
> > (Permission denied)
> >
> > My sbm.conf is:
> >
> > [global]
> > workgroup = Waterlooville
> > security = SHARE
> > encrypt passwords = Yes
> > passwd program = /usr/bin/passwd %u
> > passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n
> > unix password sync = Yes log file = /var/log/samba/log.%m max log size
> > = 50 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 dns
> > proxy = No
> >
> > [public]
> > comment = Public Stuff
> > path = /home/samba/public
> > write list = @staff
> > read only = No
> > guest ok = Yes
> >
> > [printers]
> > comment = All Printers
> > path = /var/spool/samba
> > create mask = 0700
> > guest ok = Yes
> > printable = Yes
> > print command = /usr/bin/lpr -r -s -P%p %s
> > browseable = No
> > printer admin = davea
> >
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: http://lists.samba.org/mailman/listinfo/samba
> >
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: http://lists.samba.org/mailman/listinfo/samba
> >
>
>
>
--
John H Terpstra
Email: jht at samba.org
More information about the samba
mailing list