[Samba] NT MD4 password encryption question

Bryan Henderson bryanh at giraffe-data.com
Sat Apr 20 12:30:18 MDT 2013

Are there multiple ways that Windows clients encrypt passwords?  I'm seeing 
different behavior between two clients.

On one, I can access a Samba share just fine.  On the other, using the same 
username and password to access the same share, I get "incorrect password."

Looking for the difference in Samba debug traces, I find it comes down to 

  smb_password_ok: Checking SMB password for user bryanh
  smb_password_ok: challenge received
  smb_password_ok: Checking NT MD4 password
  smb_password_ok: NT MD4 password check failed
on the failing system; same thing but the last word is "succeeded" on the
working system.

The only relevant difference I can think of between the systems is that the
working system is Windows XP and the failing one is Windows 7.

This really seems to say the two systems are sending a different response 
for the same username/password/challenge.  Is that possible?

This is not current Samba, btw, so I'm not asking anyone to debug it; I'm 
just trying to get a handle on the problem.

More information about the samba mailing list