[Samba] Problems with smbpasswd: any local changes are
discarted after connection request
Lieven Van Acker
Lieven.VanAcker at UGent.be
Wed Jan 19 18:41:50 GMT 2005
This issue was by design (see release notes of 3.0.2a), since the LCT
field is used to grant a user access. Point is LCT-X should != LCT-0.
Regards
Lieven
Op wo, 19-01-2005 te 18:22 +0100, schreef Lieven Van Acker:
> Hi,
>
> Can anybody confirm the following problem:
>
> Sequence:
>
> bash-2.05# grep ankerpos /usr/samba.moonrock/private/smbpasswd
> ankerpos:921:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:[U
> ]:LCT-0
>
> bash-2.05# /usr/samba.moonrock/bin/smbpasswd -c /usr/samba.moonrock/lib/smb.conf
> ankerpos
> New SMB password:
>
> Retype new SMB password:
>
> bash-2.05# grep ankerpos /usr/samba.moonrock/private/smbpasswd
> ankerpos:921:4CD849F7C109C5D7B85EBEA904A749B9:1CC6D72446271E9697044BC68DB72678:[U
> ]:LCT-0
>
> bash-2.05# smbclient -L moonrock.admin -U ankerpos
> Password:
>
> session setup failed: NT_STATUS_LOGON_FAILURE
> bash-2.05# grep ankerpos /usr/samba.moonrock/private/smbpasswd
> ankerpos:921:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:[U
> ]:LCT-0
>
> smbd.conf (global section):
>
> [global]
> printing = sysv
> printcap name = /etc/printcap
> load printers = yes
> guest account = nobody
> workgroup = WFW
> os level = 33
> encrypt passwords = yes
> security = user
> preserve case = yes
> hosts allow = .....
> log file = /var/samba.moonrock/log/smb/log.%m
> log level = 3
> max log size = 500
> deadtime = 120
> dfree command=/usr/samba.moonrock/bin/dfree
> server string =
> # character set = utf-8
> unix charset = UTF8
> # dos charset = cp850
> socket address = ....
> interfaces = ce0
> bind interfaces only = yes
> pid directory = /var/samba.moonrock/run
> passdb backend = smbpasswd:/usr/samba.moonrock/private/smbpasswd
>
>
> log.moonrock:
>
> [2005/01/19 18:02:31, 3] auth/auth.c:check_ntlm_password(219)
> check_ntlm_password: Checking password for unmapped user
> [WFW]\[ankerpos]@[MOONROCK] with the new password interface
> [2005/01/19 18:02:31, 3] auth/auth.c:check_ntlm_password(222)
> check_ntlm_password: mapped user is: [MOONROCK]\[ankerpos]@[MOONROCK]
> [2005/01/19 18:02:31, 3] smbd/sec_ctx.c:push_sec_ctx(256)
> push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
> [2005/01/19 18:02:31, 3] smbd/uid.c:push_conn_ctx(365)
> push_conn_ctx(0) : conn_ctx_stack_ndx = 0
> [2005/01/19 18:02:31, 3] smbd/sec_ctx.c:set_sec_ctx(288)
> setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
> [2005/01/19 18:02:31, 3] smbd/sec_ctx.c:push_sec_ctx(256)
> push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
> [2005/01/19 18:02:31, 3] smbd/uid.c:push_conn_ctx(365)
> push_conn_ctx(0) : conn_ctx_stack_ndx = 1
> [2005/01/19 18:02:31, 3] smbd/sec_ctx.c:set_sec_ctx(288)
> setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
> [2005/01/19 18:02:31, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
> pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
> [2005/01/19 18:02:31, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
> pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2005/01/19 18:02:31, 3] libsmb/ntlm_check.c:ntlm_password_check(189)
> ntlm_password_check: NO NT password stored for user ankerpos.
> [2005/01/19 18:02:31, 3] libsmb/ntlm_check.c:ntlm_password_check(356)
> ntlm_password_check: NEITHER LanMan nor NT password supplied for user ankerpos
> [2005/01/19 18:02:31, 3] smbd/sec_ctx.c:push_sec_ctx(256)
> push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
> [2005/01/19 18:02:31, 3] smbd/uid.c:push_conn_ctx(365)
> push_conn_ctx(0) : conn_ctx_stack_ndx = 0
> [2005/01/19 18:02:31, 3] smbd/sec_ctx.c:set_sec_ctx(288)
> setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
> [2005/01/19 18:02:31, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
> pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2005/01/19 18:02:31, 2] auth/auth.c:check_ntlm_password(312)
> check_ntlm_password: Authentication for user [ankerpos] -> [ankerpos] FAILED
> with error NT_STATUS_WRONG_PASSWORD
> [2005/01/19 18:02:31, 3] smbd/process.c:timeout_processing(1335)
> timeout_processing: End of file from client (client has disconnected).
> [2005/01/19 18:02:31, 3] smbd/sec_ctx.c:set_sec_ctx(288)
> setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2005/01/19 18:02:31, 2] smbd/server.c:exit_server(577)
> Closing connections
> [2005/01/19 18:02:31, 3] smbd/connection.c:yield_connection(69)
> Yielding connection to
> [2005/01/19 18:02:31, 3] smbd/server.c:exit_server(620)
> Server exit (normal exit)
> [2005/01/19 18:05:32, 3] auth/auth.c:check_ntlm_password(219)
> check_ntlm_password: Checking password for unmapped user
> [WFW]\[ankerpos]@[MOONROCK] with the new password interface
> [2005/01/19 18:05:32, 3] auth/auth.c:check_ntlm_password(222)
> check_ntlm_password: mapped user is: [MOONROCK]\[ankerpos]@[MOONROCK]
> [2005/01/19 18:05:32, 3] smbd/sec_ctx.c:push_sec_ctx(256)
> push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
> [2005/01/19 18:05:32, 3] smbd/uid.c:push_conn_ctx(365)
> push_conn_ctx(0) : conn_ctx_stack_ndx = 0
> [2005/01/19 18:05:32, 3] smbd/sec_ctx.c:set_sec_ctx(288)
> setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
> [2005/01/19 18:05:32, 3] smbd/sec_ctx.c:push_sec_ctx(256)
> push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
> [2005/01/19 18:05:32, 3] smbd/uid.c:push_conn_ctx(365)
> push_conn_ctx(0) : conn_ctx_stack_ndx = 1
> [2005/01/19 18:05:32, 3] smbd/sec_ctx.c:set_sec_ctx(288)
> setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
> [2005/01/19 18:05:32, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
> pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
> [2005/01/19 18:05:32, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
> pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2005/01/19 18:05:32, 3] libsmb/ntlm_check.c:ntlm_password_check(189)
> ntlm_password_check: NO NT password stored for user ankerpos.
> [2005/01/19 18:05:32, 3] libsmb/ntlm_check.c:ntlm_password_check(356)
> ntlm_password_check: NEITHER LanMan nor NT password supplied for user ankerpos
> [2005/01/19 18:05:32, 3] smbd/sec_ctx.c:push_sec_ctx(256)
> push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
> [2005/01/19 18:05:32, 3] smbd/uid.c:push_conn_ctx(365)
> push_conn_ctx(0) : conn_ctx_stack_ndx = 0
> [2005/01/19 18:05:32, 3] smbd/sec_ctx.c:set_sec_ctx(288)
> setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
> [2005/01/19 18:05:32, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
> pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2005/01/19 18:05:32, 2] auth/auth.c:check_ntlm_password(312)
> check_ntlm_password: Authentication for user [ankerpos] -> [ankerpos] FAILED
> with error NT_STATUS_WRONG_PASSWORD
> [2005/01/19 18:05:32, 3] smbd/process.c:timeout_processing(1335)
> timeout_processing: End of file from client (client has disconnected).
> [2005/01/19 18:05:32, 3] smbd/sec_ctx.c:set_sec_ctx(288)
> setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2005/01/19 18:05:32, 2] smbd/server.c:exit_server(577)
> Closing connections
> [2005/01/19 18:05:32, 3] smbd/connection.c:yield_connection(69)
> Yielding connection to
> [2005/01/19 18:05:32, 3] smbd/server.c:exit_server(620)
> Server exit (normal exit)
>
>
>
>
>
> --
> -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
> Lieven Van Acker e-mail: Lieven.VanAcker at UGent.be
> Directie ICT, Afdeling Infrastructuur
> Groep Systemen tel: +32 9 264 4732
> Universiteit Gent fax: +32 9 264 4994
> Krijgslaan 281, gebouw S9, 9000 Gent, Belgie www.UGent.be
> -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
>
--
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Lieven Van Acker e-mail: Lieven.VanAcker at UGent.be
Directie ICT, Afdeling Infrastructuur
Groep Systemen tel: +32 9 264 4732
Universiteit Gent fax: +32 9 264 4994
Krijgslaan 281, gebouw S9, 9000 Gent, Belgie www.UGent.be
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
More information about the samba
mailing list