[Samba] Win ME couln't login
John H Terpstra
jht at samba.org
Sun May 15 22:20:18 MDT 2011
On 05/15/2011 10:48 PM, yudi shiddiq wrote:
> I have made samba PDC and tested with client win 7, win xp, and win vista
> successfully but fail with win millenium edition, the message shows that the
> password is incorect or access to the server has been denied.
>
> Installed s/w :
> - openldap2-2.4.21-9.1.i586
> - openldap2-client-2.4.21-9.1.i586
> - samba-3.5.4-4.1.i586
>
> Please give me a clue, because we still have client with OS Win ME....
Samba 3.5.4 has LANMAN passwords disabled by default. Windows ME
requires LANMAN passwords and can not use NT passwords. Windows NT and
later (XP, Vista and 7) can make use of NT passwords.
To permit Windows ME to log onto a Samba domain you need to add to
smb.conf [global]
lanman auth = Yes
From the smb.conf man page for this parameter note as follows:
This parameter determines whether or not smbd(8) will attempt to
authenticate users or permit password changes using the LANMAN password
hash. If disabled, only clients which support NT password hashes (e.g.
Windows NT/2000 clients, smbclient, but not Windows 95/98 or the MS DOS
network client) will be able to connect to the Samba host.
The LANMAN encrypted response is easily broken, due to its
case-insensitive nature, and the choice of algorithm. Servers without
Windows 95/98/ME or MS DOS clients are advised to disable this option.
When this parameter is set to no this will also result in
sambaLMPassword in Samba´s passdb being blanked after the next password
change. As a result of that lanman clients won´t be able to
authenticate, even if lanman auth is reenabled later on.
[cut]...[cut]
Default: lanman auth = no
Note:
After you have enabled "lanman auth = yes", you must set all passwords
again to create the SambaLMpassword entry in your passdb backend (LDAP
in your case).
Cheers,
John T.
More information about the samba
mailing list