[Samba] smbpasswd in 3.0.9 broken

sambaml at moellenkamp.org sambaml at moellenkamp.org
Wed Dec 8 13:01:06 GMT 2004 

Hello,

i have an wierd problem under 3.0.8.  This versions seems to encrypt
password different to 2.2.9 an by this lock out any user. The machine is a
Sun under Solaris 8 with the recommended patch cluster. User Repository is
done by ldap_compat, because of several Systems in need of the old
samba-schema (2.2.9). Anybody out there, who can reproduce the behaviour ?
I´ve already filed a bug under 2020.

Regards
 Joerg

Example:
  bash-2.03# ./smbpasswd smbtest10
  New SMB password:

  Retype new SMB password:

  bash-2.03# ./smbclient
-s/usr/local/smb/system/config/<customersite>/smb.pdc2.conf -U
  smbtest10 //pdc2-<customersite>/smbtest10
  Password:

  session setup failed: NT_STATUS_LOGON_FAILURE

NOW CHANGING PASSWORD FROM A DIFFERENT SERVER UNDER 2.2.9 to same value

  bash-2.03# ./smbclient
-s/usr/local/smb/system/config/<customersite>/smb.pdc2.conf -U
  smbtest10 //pdc2-<customersite>/smbtest10
  Password:

  Domain=[<domainname>] OS=[Unix] Server=[Samba 3.0.8]
  smb: \> quit

working Userentry-LDIF, changed with smbpasswd of 2.2.9

   dn: uid=smbtest10,ou=people,ou=allgemein,o=organisation
   objectClass: inetOrgPerson
   objectClass: posixAccount
   objectClass: shadowAccount
   objectClass: account
   objectClass: top
   objectClass: organizationalPerson
   objectClass: person
   objectClass: sambaAccount
   acctFlags: [U          ]
   cn: smbtest10
   displayName: smbtest10
   gecos: #T:common
   gidNumber: 10000
   homeDirectory: /<somedirectory>/smbtest10
   kickoffTime: 2147483647
   lmPassword: 86859AF790F4B217AAD3B435B51404EE
   loginShell: /bin/false
   logofftime: 2147483647
   logonTime: 2147483647
   ntPassword: 0C6AE10552793A8B88778B8185E47B78
   primaryGroupID: 21001
   pwdCanChange: 1086693852
   pwdLastSet: 1100177214
   pwdMustChange: 2147483647
   rid: 41734
   shadowFlag: 0
   sn: smbtest10
   uid: smbtest10
   uidNumber: 20367
   userPassword::
e1NTSEF9N1dJcjNIaWxGeENiZ0VSRmJxckpTN1dNWG1pNkZyWVB1RHBtUHc9P
    Q==

Same user, changed with smbpassword with Samba 3.0.8, login not possible

   dn: uid=smbtest10,ou=people,ou=allgemein,o=organisation
   objectClass: inetOrgPerson
   objectClass: posixAccount
   objectClass: shadowAccount
   objectClass: account
   objectClass: top
   objectClass: organizationalPerson
   objectClass: person
   objectClass: sambaAccount
   acctFlags: [U          ]
   cn: smbtest10
   displayName: smbtest10
   gecos: #T:common
   gidNumber: 10000
   homeDirectory: /<somedirectory>/smbtest10
   kickoffTime: 2147483647
   lmPassword: FE12086CE1A36EF5AAD3B435B51404EE
   loginShell: /bin/false
   logofftime: 2147483647
   logonTime: 2147483647
   ntPassword: 314040DC01195C391E161E6B39824C78
   primaryGroupID: 21001
   pwdCanChange: 1086693852
   pwdLastSet: 1100177019
   pwdMustChange: 2147483647
   rid: 41734
   shadowFlag: 0
   sn: smbtest10
   uid: smbtest10
   uidNumber: 20367
   userPassword::
e1NTSEF9N1dJcjNIaWxGeENiZ0VSRmJxckpTN1dNWG1pNkZyWVB1RHBtUHc9P
   Q==

Diff of both ldifs :
18c18
< lmPassword: 86859AF790F4B217AAD3B435B51404EE
---
> lmPassword: FE12086CE1A36EF5AAD3B435B51404EE
22c22
< ntPassword: 0C6AE10552793A8B88778B8185E47B78
---
> ntPassword: 314040DC01195C391E161E6B39824C78
25c25
< pwdLastSet: 1100177214
---
> pwdLastSet: 1100177019
--

More information about the samba mailing list