[Samba] SAMBA DEVELOPERS PLEASE READ WAS: RE: password change,
domain not available
Gerald (Jerry) Carter
jerry at samba.org
Sun May 2 22:40:27 GMT 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Thu, 22 Apr 2004, Jason Balicki wrote:
> [summary: quite a few people who have installed recent
> MS patches and use Samba as a NT style PDC (and, it
> appears, are using 2.2.8a) have an issue where they
> "cannot change" their passwords from the client side.
> "Cannot change" is in quotes because even though the
> client reports failure, the password has in fact been
> changed successfully. However, you can't expect an end
> user to know that, nor expect them to accept a negative
> response for a positive.]
>
> >The problem seems to be related to Windows Hotfix KB828741.
> >Removing the hotfix through the control panel solved it for us.
>
>
> While this is a workaround, it is not an acceptable one.
>
> 828741 fixes vulnerabilities that affect RPC/DCOM and can
> allow a remote attacker to gain control of a machine. It's
> only a matter of time before someone writes a worm that
> takes advantage of this.
>
> Could some Samba developer PLEASE take time out of their
> very busy schedule and look into this issue? It's affecting
> quite a few people (if they know it or not) and needs to
> be addressed quickly.
We're working towards a fix regarding 3.0.x. We'll have to
decide what to do about 2.2.8a once we resolve the issue in 3.0.
Thanks for being patient.
cheers, jerry
- ----------------------------------------------------------------------
Hewlett-Packard ------------------------- http://www.hp.com
SAMBA Team ---------------------- http://www.samba.org
GnuPG Key ---- http://www.plainjoe.org/gpg_public.asc
"...a hundred billion castaways looking for a home." ----------- Sting
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/
iD8DBQFAlXjbIR7qMdg1EfYRAm4vAKCuBt9lfIx+Pv449Rn5A0XBfReQCACfQ9Rx
gJpLBDIqBD1ujlRuOK1WhDI=
=Ycf9
-----END PGP SIGNATURE-----
More information about the samba
mailing list