[Samba] 95 and NT cannot access shares
Don Zajic
donald.zajic at verizon.net
Tue Feb 25 00:03:14 GMT 2003
Bill and John, I stand VERY corrected. Long days, short nights, new
job, no other good excuses. I will make an effort to thoroughly
research the issue prior to making a response.
Dave, I hope that my response did not cause you too much confusion or
frustration.
Don Zajic
-----Original Message-----
From: samba-bounces+donald.zajic=verizon.net at lists.samba.org
[mailto:samba-bounces+donald.zajic=verizon.net at lists.samba.org] On
Behalf Of John H Terpstra
Sent: Monday, February 24, 2003 12:55 PM
To: William R. Knox
Cc: samba at lists.samba.org; Don Zajic
Subject: RE: [Samba] 95 and NT cannot access shares
On Mon, 24 Feb 2003, William R. Knox wrote:
Bill,
Thanks for jumping in here. I'd like to reinforce your correction. Would
everyone please take note!
Someone who does a search on the samba mailing lists on this subject
will find many incorrect assertions regarding encrypted password support
in MW Windows products. Bill, your comments here are absolutely correct.
> The information provided here about the use of encrypted passwords is
> not true.
NOTE THIS NEXT STATEMENT!!
> NT began to ENFORCE the use of encrypted passwords with SP3, and Win95
> the same with (I believe) OSR2, but ALL versions of these OSes
> supported encrypted passwords.
Please note also, that it is possible to use the PlainText registry
hacks to re-enable support for clear text passwords, but MS Windows
clients will cache only the encrypted password. This means that when the
Windows client drops a share connection (through time-out or for any
other reason) then on attempt to re-use the share the Windows client
will send the encrypted password in the attempt to reconnect (it does
not have the plain text password in it's cache). This can cause a blue
screen problem and may cause nasty application failures.
SO:
It is best NOT to use plain text passwords, instead use only encrypted
passwords - PARTICULARLY given that ALL MS Windows network clients
support encrypted passwords.
- John T.
>
> Bill Knox
> Senior Operating Systems Programmer/Analyst
> The MITRE Corporation
>
> On Mon, 24 Feb 2003, Don Zajic wrote:
>
> > Date: Mon, 24 Feb 2003 04:22:44 -0500
> > From: Don Zajic <donald.zajic at verizon.net>
> > To: 'Dave Ansell' <dave at theansells.com>, samba at lists.samba.org
> > Subject: RE: [Samba] 95 and NT cannot access shares
> >
> > Off the top of my head, I would say that using Encrypted passwords
> > is greate for W2K and XP, however, 95 does not use encrypted
> > passwords and unless you are using SP3 or above on NT, it also does
> > not use encrypted password. Since you are mixing your flavors of
> > Windows from 95 to XP, you probably need to disable encrypted
> > password and use plain text passwords throughout your domain.
> >
> > encrypt password = no
> >
> > You also need to apply the .reg files to change from encrypted to
> > plaintext according to your windows version. These .reg files are
> > located in your docs/Registry directory.
> >
> > Don Zajic
> >
> >
> > -----Original Message-----
> > From: samba-bounces+donald.zajic=verizon.net at lists.samba.org
> > [mailto:samba-bounces+donald.zajic=verizon.net at lists.samba.org] On
> > Behalf Of Dave Ansell
> > Sent: Sunday, February 23, 2003 4:07 AM
> > To: samba at lists.samba.org
> > Subject: [Samba] 95 and NT cannot access shares
> >
> >
> > I have file and print sharing set up on Linux (Mandrake 9.0).
> >
> > It all works fine with 2000 and XP clients, but 95 and NT clients
> > don't seem to be able to access.
> >
> > Any ideas?
> > Thanks,
> > Dave
> >
> >
> > Typical log entry from Samba:
> >
> > [2003/02/22 16:21:37, 0] smbd/service.c:make_connection(599)
> > wvo1314904 (192.168.1.10) Can't change directory to
> > /home/samba/public (Permission denied)
> >
> > My sbm.conf is:
> >
> > [global]
> > workgroup = Waterlooville
> > security = SHARE
> > encrypt passwords = Yes
> > passwd program = /usr/bin/passwd %u
> > passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password*
> > %n\n unix password sync = Yes log file = /var/log/samba/log.%m max
> > log size = 50 socket options = TCP_NODELAY SO_RCVBUF=8192
> > SO_SNDBUF=8192 dns proxy = No
> >
> > [public]
> > comment = Public Stuff
> > path = /home/samba/public
> > write list = @staff
> > read only = No
> > guest ok = Yes
> >
> > [printers]
> > comment = All Printers
> > path = /var/spool/samba
> > create mask = 0700
> > guest ok = Yes
> > printable = Yes
> > print command = /usr/bin/lpr -r -s -P%p %s
> > browseable = No
> > printer admin = davea
> >
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: http://lists.samba.org/mailman/listinfo/samba
> >
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: http://lists.samba.org/mailman/listinfo/samba
> >
>
>
>
--
John H Terpstra
Email: jht at samba.org
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
More information about the samba
mailing list