[Samba] Vista, share level, UNC

Jeremy Allison jra at samba.org
Fri Apr 6 22:46:09 GMT 2007 

On Fri, Apr 06, 2007 at 10:52:05PM +0200, Giulio wrote:
> Vista32
> 3.0.25pre2 (I understand vista patches for "share level" are already in)
> security = share     (with "valid users" on share definition)
> host msdfs = no
> 
> user/pass in smbpasswd file.
> 
> 
> If I use "connect network drive..." method with "connect as another user",
> then it will always work.
> 
> If I use start, search , \\server\share and then type user/pass in the
> dialog box, then it will _almost_ never work; it worked randomly just twice
> in my numerous tests. (for every test I log-off,log-on).
> 
> So, is this supposed to work or the supported method is "connect network
> drive only"?
> 
> Thanks
> 
>   ntlm_password_check: NTLMv2 password check failed
>   check_ntlm_password:  Authentication for user [myuser] -> [myuser] FAILED
> with
>  error NT_STATUS_WRONG_PASSWORD
>   ntlm_password_check: LM password, NT MD4 password in LM field and LMv2
> failed
> for user myuser
>   check_ntlm_password:  Authentication for user [myuser] -> [myuser] FAILED
> with
>  error NT_STATUS_WRONG_PASSWORD
>   ntlm_password_check: NTLMv2 password check failed
>   check_ntlm_password:  Authentication for user [myuser] -> [myuser] FAILED
> with
>  error NT_STATUS_WRONG_PASSWORD
>   ntlm_password_check: LM password, NT MD4 password in LM field and LMv2
> failed
> for user myuser
>   check_ntlm_password:  Authentication for user [myuser] -> [myuser] FAILED
> with
>  error NT_STATUS_WRONG_PASSWORD
>   ntlm_password_check: NTLMv2 password check failed
>   check_ntlm_password:  Authentication for user [myuser] -> [myuser] FAILED
> with
>  error NT_STATUS_WRONG_PASSWORD
>   ntlm_password_check: LM password, NT MD4 password in LM field and LMv2
> failed
> for user myuser

I took a look at this. It looks to me like the Vista client has
horrible bugs w.r.t. connecting to a server in share level security.

For example - it seems to cache the user you connected as, and even
when it brings up the dialog box and type in another user it never
sends that username in a subsequent sessionsetupX call.

My guess is that Microsoft simply didn't test this code too much
in Vista, as none of their servers use share level security with
NTLMv2.

Jeremy.

More information about the samba mailing list