[Samba] smbpasswd in 3.0.9 broken
sambaml at moellenkamp.org
sambaml at moellenkamp.org
Wed Dec 8 13:01:06 GMT 2004
Hello,
i have an wierd problem under 3.0.8. This versions seems to encrypt
password different to 2.2.9 an by this lock out any user. The machine is a
Sun under Solaris 8 with the recommended patch cluster. User Repository is
done by ldap_compat, because of several Systems in need of the old
samba-schema (2.2.9). Anybody out there, who can reproduce the behaviour ?
I´ve already filed a bug under 2020.
Regards
Joerg
Example:
bash-2.03# ./smbpasswd smbtest10
New SMB password:
Retype new SMB password:
bash-2.03# ./smbclient
-s/usr/local/smb/system/config/<customersite>/smb.pdc2.conf -U
smbtest10 //pdc2-<customersite>/smbtest10
Password:
session setup failed: NT_STATUS_LOGON_FAILURE
NOW CHANGING PASSWORD FROM A DIFFERENT SERVER UNDER 2.2.9 to same value
bash-2.03# ./smbclient
-s/usr/local/smb/system/config/<customersite>/smb.pdc2.conf -U
smbtest10 //pdc2-<customersite>/smbtest10
Password:
Domain=[<domainname>] OS=[Unix] Server=[Samba 3.0.8]
smb: \> quit
working Userentry-LDIF, changed with smbpasswd of 2.2.9
dn: uid=smbtest10,ou=people,ou=allgemein,o=organisation
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
objectClass: account
objectClass: top
objectClass: organizationalPerson
objectClass: person
objectClass: sambaAccount
acctFlags: [U ]
cn: smbtest10
displayName: smbtest10
gecos: #T:common
gidNumber: 10000
homeDirectory: /<somedirectory>/smbtest10
kickoffTime: 2147483647
lmPassword: 86859AF790F4B217AAD3B435B51404EE
loginShell: /bin/false
logofftime: 2147483647
logonTime: 2147483647
ntPassword: 0C6AE10552793A8B88778B8185E47B78
primaryGroupID: 21001
pwdCanChange: 1086693852
pwdLastSet: 1100177214
pwdMustChange: 2147483647
rid: 41734
shadowFlag: 0
sn: smbtest10
uid: smbtest10
uidNumber: 20367
userPassword::
e1NTSEF9N1dJcjNIaWxGeENiZ0VSRmJxckpTN1dNWG1pNkZyWVB1RHBtUHc9P
Q==
Same user, changed with smbpassword with Samba 3.0.8, login not possible
dn: uid=smbtest10,ou=people,ou=allgemein,o=organisation
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
objectClass: account
objectClass: top
objectClass: organizationalPerson
objectClass: person
objectClass: sambaAccount
acctFlags: [U ]
cn: smbtest10
displayName: smbtest10
gecos: #T:common
gidNumber: 10000
homeDirectory: /<somedirectory>/smbtest10
kickoffTime: 2147483647
lmPassword: FE12086CE1A36EF5AAD3B435B51404EE
loginShell: /bin/false
logofftime: 2147483647
logonTime: 2147483647
ntPassword: 314040DC01195C391E161E6B39824C78
primaryGroupID: 21001
pwdCanChange: 1086693852
pwdLastSet: 1100177019
pwdMustChange: 2147483647
rid: 41734
shadowFlag: 0
sn: smbtest10
uid: smbtest10
uidNumber: 20367
userPassword::
e1NTSEF9N1dJcjNIaWxGeENiZ0VSRmJxckpTN1dNWG1pNkZyWVB1RHBtUHc9P
Q==
Diff of both ldifs :
18c18
< lmPassword: 86859AF790F4B217AAD3B435B51404EE
---
> lmPassword: FE12086CE1A36EF5AAD3B435B51404EE
22c22
< ntPassword: 0C6AE10552793A8B88778B8185E47B78
---
> ntPassword: 314040DC01195C391E161E6B39824C78
25c25
< pwdLastSet: 1100177214
---
> pwdLastSet: 1100177019
--
More information about the samba
mailing list