[Samba] Samba 4 empty password
Fink Oliver
oliver.fink at ak-vorarlberg.at
Thu Aug 8 05:32:23 MDT 2013
Hello Andrew,
Thanks for your reply.
We did try with following settings:
smb.conf
null passwords = Yes
minimum password lenght set to 0
We set the password over a Windows 7 client.
Thanks a lot
Oliver
>> Kerberos: Looking for ENC-TS pa-data -- media1 at BC
>> [2013/08/07 13:31:46, 3]
>> ../source4/auth/kerberos/krb5_init_context.c:80(smb_krb5_debug_wrapper)
>> Kerberos: Failed to decrypt PA-DATA -- media1 at BC (enctype
>> aes256-cts-hmac-sha1-96) error Decrypt integrity check failed for checksum
>> type hmac-sha1-96-aes256, key type aes256-cts-hmac-sha1-96
>> [2013/08/07 13:31:46, 3]
>> ../source4/auth/kerberos/krb5_init_context.c:80(smb_krb5_debug_wrapper)
>> Kerberos: Failed to decrypt PA-DATA -- media1 at BC
>This means the KDC had a different hash to the one the user encrypted the time
>with.
>Aside from the flag 'ACB_NOPWREQ' (which does *not* mean no password
>required, it actually means no password requirements, ie no minimum
>length), the KDC doesn't know the length (even zero length) of the
>password, it just performs calculations based on the stored hash.
>How did you set the 'empty' password in Samba?
>Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/<http://samba.org/%7Eabartlet/>
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list