[Samba] Inconsistency with LANMAN1 and Samba 4.9
Andreas Reichel
homebase_ar at web.de
Fri May 31 20:33:29 UTC 2019
On 31.05.19 22:07, Andrew Bartlett wrote:
> On Fri, 2019-05-31 at 11:40 -0700, Jeremy Allison via samba wrote:
>> On Fri, May 31, 2019 at 07:09:44PM +0200, Andreas Reichel wrote:
>>>>> When adding me as the user with 'smbpasswd -a andreas', and entering a password,
>>>>> no LANMAN hash is generated. The generated smbpasswd entry always contains 32 X as the first hash.
>>>>>
>>>>> When I do the same with Samba 4.3.11-Ubuntu, the hash IS generated correctly.
>>>>>
>>>>> When I manually add the hash in 4.9.4, I still cannot connect from Win 3.11 and always get access denied.
>>>>>
>>>>> In 4.3.11, it works flawlessly, I can connect from Windows 3.11 without any problem.
>>>>>
>>>>> Question: Is this intended? And if yes, why are there all these options still settable?
>>>> You may be running into this code in passdb:
>>>>
>>>> bool pdb_set_plaintext_passwd(struct samu *sampass, const char *plaintext)
>>>> {
>>>> ...
>>>> if (!E_deshash(plaintext, new_lanman_p16)) {
>>>> /* E_deshash returns false for 'long' passwords (> 14
>>>> DOS chars). This allows us to match Win2k, which
>>>> does not store a LM hash for these passwords (which
>>>> would reduce the effective password length to 14 */
>>>>
>>>> if (!pdb_set_lanman_passwd (sampass, NULL, PDB_CHANGED))
>>>> return False;
>>>> } else {
>>>> if (!pdb_set_lanman_passwd (sampass, new_lanman_p16, PDB_CHANGED))
>>>> return False;
>>>> }
>>>> ...
>>>>
>>>> Is the password greater that 14 characters ? If so, looks like
>>>> we won't store it.
>>> No, it has 8 characters. And I tried to enter the hash manually into the
>>> smbpasswd, which didn't work either. It is as if samba 4.9.4 would
>>> ignore lanman completely.
>> Hmmm. Sounds like a bug. Are you able to use gdb to
>> walk through the call stack to debug ?
>>
>> If not someone here will do it, but you might have
>> to wait a while (log a bug at bugzilla.samba.org
>> so we can track it) as getting LANMAN auth working
>> is low priority (it's completely insecure I'm afraid).
> We honour 'lanman auth' and don't store it if set, but that much has
> been the same for a long time, but if the hash is being injected
> manually that won't be it.
>
> It might be further up the stack, like requirements for SPNEGO, ntlmv2
> etc.
>
> Andreas,
>
> Can you post your smb.conf and check your logs for helpful messages?
> (turn up the log level until you get some).
>
> Thanks,
>
> Andrew Bartlett
Hi Andrew, I have already posted my config :) As a first step, I think
we have to understand why
smbpasswd does not generate the hash on 4.9.4 but does it on 4.3.11.
The Debug output on version 4.9.4 is:
*************************************************
sudo smbpasswd -D 10 -a andreas
INFO: Current debug levels:
all: 10
tdb: 10
printdrivers: 10
lanman: 10
smb: 10
rpc_parse: 10
rpc_srv: 10
rpc_cli: 10
passdb: 10
sam: 10
auth: 10
winbind: 10
vfs: 10
idmap: 10
quota: 10
acls: 10
locking: 10
msdfs: 10
dmapi: 10
registry: 10
scavenger: 10
dns: 10
ldb: 10
tevent: 10
auth_audit: 10
auth_json_audit: 10
kerberos: 10
drs_repl: 10
smb2: 10
smb2_credits: 10
dsdb_audit: 10
dsdb_json_audit: 10
dsdb_password_audit: 10
dsdb_password_json_audit: 10
dsdb_transaction_audit: 10
dsdb_transaction_json_audit: 10
dsdb_group_audit: 10
dsdb_group_json_audit: 10
lp_load_ex: refreshing parameters
Initialising global parameters
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
INFO: Current debug levels:
all: 10
tdb: 10
printdrivers: 10
lanman: 10
smb: 10
rpc_parse: 10
rpc_srv: 10
rpc_cli: 10
passdb: 10
sam: 10
auth: 10
winbind: 10
vfs: 10
idmap: 10
quota: 10
acls: 10
locking: 10
msdfs: 10
dmapi: 10
registry: 10
scavenger: 10
dns: 10
ldb: 10
tevent: 10
auth_audit: 10
auth_json_audit: 10
kerberos: 10
drs_repl: 10
smb2: 10
smb2_credits: 10
dsdb_audit: 10
dsdb_json_audit: 10
dsdb_password_audit: 10
dsdb_password_json_audit: 10
dsdb_transaction_audit: 10
dsdb_transaction_json_audit: 10
dsdb_group_audit: 10
dsdb_group_json_audit: 10
Processing section "[global]"
doing parameter workgroup = HOMEBASE
doing parameter netbios name = Orcane
doing parameter wins support = Yes
doing parameter client signing = No
doing parameter domain master = No
doing parameter lanman auth = Yes
doing parameter log file = /var/log/samba/%m.log
doing parameter max log size = 50
doing parameter name resolve order = host lmhosts wins bcast
doing parameter passdb backend = smbpasswd
doing parameter preferred master = Yes
doing parameter security = USER
doing parameter server signing = No
doing parameter server string = Orcane Cortex Gateway
doing parameter smb passwd file = /etc/samba/smbpasswd
pm_process() returned Yes
lp_servicenumber: couldn't find homes
messaging_dgm_ref: messaging_dgm_init returned Erfolg
messaging_dgm_ref: unique = 77100529419162899
Registering messaging pointer for type 2 - private_data=(nil)
Registering messaging pointer for type 9 - private_data=(nil)
Registered MSG_REQ_POOL_USAGE
Registering messaging pointer for type 11 - private_data=(nil)
Registering messaging pointer for type 12 - private_data=(nil)
Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED
Registering messaging pointer for type 1 - private_data=(nil)
Registering messaging pointer for type 5 - private_data=(nil)
Registering messaging pointer for type 51 - private_data=(nil)
messaging_init_internal: my id: 16972
lp_load_ex: refreshing parameters
Freeing parametrics:
Initialising global parameters
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
INFO: Current debug levels:
all: 10
tdb: 10
printdrivers: 10
lanman: 10
smb: 10
rpc_parse: 10
rpc_srv: 10
rpc_cli: 10
passdb: 10
sam: 10
auth: 10
winbind: 10
vfs: 10
idmap: 10
quota: 10
acls: 10
locking: 10
msdfs: 10
dmapi: 10
registry: 10
scavenger: 10
dns: 10
ldb: 10
tevent: 10
auth_audit: 10
auth_json_audit: 10
kerberos: 10
drs_repl: 10
smb2: 10
smb2_credits: 10
dsdb_audit: 10
dsdb_json_audit: 10
dsdb_password_audit: 10
dsdb_password_json_audit: 10
dsdb_transaction_audit: 10
dsdb_transaction_json_audit: 10
dsdb_group_audit: 10
dsdb_group_json_audit: 10
Processing section "[global]"
doing parameter workgroup = HOMEBASE
doing parameter netbios name = Orcane
doing parameter wins support = Yes
doing parameter client signing = No
doing parameter domain master = No
doing parameter lanman auth = Yes
doing parameter log file = /var/log/samba/%m.log
doing parameter max log size = 50
doing parameter name resolve order = host lmhosts wins bcast
doing parameter passdb backend = smbpasswd
doing parameter preferred master = Yes
doing parameter security = USER
doing parameter server signing = No
doing parameter server string = Orcane Cortex Gateway
doing parameter smb passwd file = /etc/samba/smbpasswd
pm_process() returned Yes
lp_servicenumber: couldn't find homes
Netbios name list:-
my_netbios_names[0]="ORCANE"
Attempting to register passdb backend samba_dsdb
Successfully added passdb backend 'samba_dsdb'
Attempting to register passdb backend samba4
Successfully added passdb backend 'samba4'
Attempting to find a passdb backend to match smbpasswd (smbpasswd)
No builtin backend found, trying to load plugin
load_module_absolute_path: Probing module '/usr/lib/samba/pdb/smbpasswd.so'
load_module_absolute_path: Module '/usr/lib/samba/pdb/smbpasswd.so' loaded
Attempting to register passdb backend smbpasswd
Successfully added passdb backend 'smbpasswd'
Found pdb backend smbpasswd
pdb backend smbpasswd has a valid init
New SMB password:
Retype new SMB password:
getsampwnam (smbpasswd): search by name: andreas
startsmbfilepwent_internal: opening file /etc/samba/smbpasswd
getsmbfilepwent: end of file reached.
endsmbfilepwent_internal: closed password file.
Finding user andreas
Trying _Get_Pwnam(), username as lowercase is andreas
Get_Pwnam_internals did find user [andreas]!
pdb_set_username: setting username andreas, was
pdb_set_full_name: setting full name , was
pdb_set_domain: setting domain ORCANE, was
Home server: orcane
pdb_set_profile_path: setting profile path \\orcane\andreas\profile, was
Home server: orcane
pdb_set_homedir: setting home dir \\orcane\andreas, was
pdb_set_dir_drive: setting dir drive , was NULL
pdb_set_logon_script: setting logon script , was
pdb_set_user_sid: setting user sid
S-1-5-21-2045757840-2064742327-2345991121-3000
pdb_set_user_sid_from_rid:
setting user sid S-1-5-21-2045757840-2064742327-2345991121-3000
from rid 3000
pdb_set_username: setting username andreas, was andreas
startsmbfilepwent_internal: opening file /etc/samba/smbpasswd
getsmbfilepwent: end of file reached.
endsmbfilepwent_internal: closed password file.
getsampwnam (smbpasswd): search by name: andreas
startsmbfilepwent_internal: opening file /etc/samba/smbpasswd
getsmbfilepwent: LM password for user andreas invalidated
getsmbfilepwent: returning passwd entry for user andreas, uid 1000
endsmbfilepwent_internal: closed password file.
getsampwnam (smbpasswd): found by name: andreas
Finding user andreas
Trying _Get_Pwnam(), username as lowercase is andreas
Get_Pwnam_internals did find user [andreas]!
pdb_set_username: setting username andreas, was
pdb_set_full_name: setting full name , was
pdb_set_domain: setting domain ORCANE, was
Home server: orcane
pdb_set_profile_path: setting profile path \\orcane\andreas\profile, was
Home server: orcane
pdb_set_homedir: setting home dir \\orcane\andreas, was
pdb_set_dir_drive: setting dir drive , was NULL
pdb_set_logon_script: setting logon script , was
pdb_set_user_sid: setting user sid
S-1-5-21-2045757840-2064742327-2345991121-3000
pdb_set_user_sid_from_rid:
setting user sid S-1-5-21-2045757840-2064742327-2345991121-3000
from rid 3000
Opening cache file at /var/cache/samba/gencache.tdb
Opening cache file at /var/cache/samba/gencache_notrans.tdb
gid 1001 -> sid S-1-22-2-1001
Forcing Primary Group to 'Domain Users' for andreas
account_policy_get: name: password history, val: 0
pdb_set_username: setting username andreas, was
pdb_set_domain: setting domain ORCANE, was
pdb_set_nt_username: setting nt username , was
pdb_set_full_name: setting full name , was
Home server: orcane
pdb_set_homedir: setting home dir \\orcane\andreas, was
pdb_set_dir_drive: setting dir drive , was NULL
pdb_set_logon_script: setting logon script , was
Home server: orcane
pdb_set_profile_path: setting profile path \\orcane\andreas\profile, was
pdb_set_workstations: setting workstations , was
account_policy_get: name: password history, val: 0
pdb_set_user_sid: setting user sid
S-1-5-21-2045757840-2064742327-2345991121-3000
pdb_set_user_sid_from_rid:
setting user sid S-1-5-21-2045757840-2064742327-2345991121-3000
from rid 3000
pdb_set_group_sid: setting group sid
S-1-5-21-2045757840-2064742327-2345991121-513
account_policy_get: name: password history, val: 0
mod_smbfilepwd_entry: opening file /etc/samba/smbpasswd
mod_smbfilepwd_entry: entry exists for user andreas
Added user andreas.
The resulting smbpasswd is:
andreas:1000:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:F97C....B00B..CA4F54..........11:[U
]:LCT-5CF18D52:
(I have replaced some digits because I don't want my password hash being
on a mailing list :D
The LM Hash is not generated at all.
*******************************************************
And on version 4.3.11:
root at Orcane:/# smbpasswd -D 10 -a blah
INFO: Current debug levels:
all: 10
tdb: 10
printdrivers: 10
lanman: 10
smb: 10
rpc_parse: 10
rpc_srv: 10
rpc_cli: 10
passdb: 10
sam: 10
auth: 10
winbind: 10
vfs: 10
idmap: 10
quota: 10
acls: 10
locking: 10
msdfs: 10
dmapi: 10
registry: 10
scavenger: 10
dns: 10
ldb: 10
tevent: 10
lp_load_ex: refreshing parameters
Initialising global parameters
INFO: Current debug levels:
all: 10
tdb: 10
printdrivers: 10
lanman: 10
smb: 10
rpc_parse: 10
rpc_srv: 10
rpc_cli: 10
passdb: 10
sam: 10
auth: 10
winbind: 10
vfs: 10
idmap: 10
quota: 10
acls: 10
locking: 10
msdfs: 10
dmapi: 10
registry: 10
scavenger: 10
dns: 10
ldb: 10
tevent: 10
Processing section "[global]"
doing parameter workgroup = HOMEBASE
doing parameter netbios name = Orcane
doing parameter wins support = Yes
doing parameter client signing = No
doing parameter domain master = No
doing parameter lanman auth = Yes
doing parameter log file = /var/log/samba/%m.log
doing parameter max log size = 50
doing parameter name resolve order = host lmhosts wins bcast
doing parameter passdb backend = smbpasswd
doing parameter preferred master = Yes
doing parameter security = USER
doing parameter server signing = No
doing parameter server string = Orcane Cortex Gateway
doing parameter smb passwd file = /etc/samba/smbpasswd
pm_process() returned Yes
lp_servicenumber: couldn't find homes
Netbios name list:-
my_netbios_names[0]="ORCANE"
Attempting to register passdb backend smbpasswd
Successfully added passdb backend 'smbpasswd'
Attempting to register passdb backend tdbsam
Successfully added passdb backend 'tdbsam'
Attempting to register passdb backend wbc_sam
Successfully added passdb backend 'wbc_sam'
Attempting to register passdb backend samba_dsdb
Successfully added passdb backend 'samba_dsdb'
Attempting to register passdb backend samba4
Successfully added passdb backend 'samba4'
Attempting to register passdb backend ldapsam
Successfully added passdb backend 'ldapsam'
Attempting to register passdb backend NDS_ldapsam
Successfully added passdb backend 'NDS_ldapsam'
Attempting to register passdb backend IPA_ldapsam
Successfully added passdb backend 'IPA_ldapsam'
Attempting to find a passdb backend to match smbpasswd (smbpasswd)
Found pdb backend smbpasswd
pdb backend smbpasswd has a valid init
tdb(/var/lib/samba/private/secrets.tdb): tdb_transaction_start: nesting 1
check lock order 1 for /var/lib/samba/private/secrets.tdb
lock order: 1:/var/lib/samba/private/secrets.tdb 2:<none> 3:<none>
Locking key 534543524554532F5349
Allocated locked data 0x0x5557ad174c50
Unlocking key 534543524554532F5349
release lock order 1 for /var/lib/samba/private/secrets.tdb
lock order: 1:<none> 2:<none> 3:<none>
tdb(/var/lib/samba/private/secrets.tdb): tdb_transaction_start: nesting 1
New SMB password:
Retype new SMB password:
getsampwnam (smbpasswd): search by name: blah
startsmbfilepwent_internal: opening file /etc/samba/smbpasswd
getsmbfilepwent: returning passwd entry for user andreas, uid 1000
getsmbfilepwent: skipping comment or blank line
getsmbfilepwent: end of file reached.
endsmbfilepwent_internal: closed password file.
Finding user blah
Trying _Get_Pwnam(), username as lowercase is blah
Trying _Get_Pwnam(), username as uppercase is BLAH
Checking combinations of 0 uppercase letters in blah
Get_Pwnam_internals didn't find user [blah]!
Could not find user blah and no add script defined
Failed to add entry for user blah.
root at Orcane:/# ^Cbpasswd -D 10 -a blah
root at Orcane:/# useradd -m blah
root at Orcane:/# smbpasswd -D 10 -a blah
INFO: Current debug levels:
all: 10
tdb: 10
printdrivers: 10
lanman: 10
smb: 10
rpc_parse: 10
rpc_srv: 10
rpc_cli: 10
passdb: 10
sam: 10
auth: 10
winbind: 10
vfs: 10
idmap: 10
quota: 10
acls: 10
locking: 10
msdfs: 10
dmapi: 10
registry: 10
scavenger: 10
dns: 10
ldb: 10
tevent: 10
lp_load_ex: refreshing parameters
Initialising global parameters
INFO: Current debug levels:
all: 10
tdb: 10
printdrivers: 10
lanman: 10
smb: 10
rpc_parse: 10
rpc_srv: 10
rpc_cli: 10
passdb: 10
sam: 10
auth: 10
winbind: 10
vfs: 10
idmap: 10
quota: 10
acls: 10
locking: 10
msdfs: 10
dmapi: 10
registry: 10
scavenger: 10
dns: 10
ldb: 10
tevent: 10
Processing section "[global]"
doing parameter workgroup = HOMEBASE
doing parameter netbios name = Orcane
doing parameter wins support = Yes
doing parameter client signing = No
doing parameter domain master = No
doing parameter lanman auth = Yes
doing parameter log file = /var/log/samba/%m.log
doing parameter max log size = 50
doing parameter name resolve order = host lmhosts wins bcast
doing parameter passdb backend = smbpasswd
doing parameter preferred master = Yes
doing parameter security = USER
doing parameter server signing = No
doing parameter server string = Orcane Cortex Gateway
doing parameter smb passwd file = /etc/samba/smbpasswd
pm_process() returned Yes
lp_servicenumber: couldn't find homes
Netbios name list:-
my_netbios_names[0]="ORCANE"
Attempting to register passdb backend smbpasswd
Successfully added passdb backend 'smbpasswd'
Attempting to register passdb backend tdbsam
Successfully added passdb backend 'tdbsam'
Attempting to register passdb backend wbc_sam
Successfully added passdb backend 'wbc_sam'
Attempting to register passdb backend samba_dsdb
Successfully added passdb backend 'samba_dsdb'
Attempting to register passdb backend samba4
Successfully added passdb backend 'samba4'
Attempting to register passdb backend ldapsam
Successfully added passdb backend 'ldapsam'
Attempting to register passdb backend NDS_ldapsam
Successfully added passdb backend 'NDS_ldapsam'
Attempting to register passdb backend IPA_ldapsam
Successfully added passdb backend 'IPA_ldapsam'
Attempting to find a passdb backend to match smbpasswd (smbpasswd)
Found pdb backend smbpasswd
pdb backend smbpasswd has a valid init
New SMB password:
Retype new SMB password:
getsampwnam (smbpasswd): search by name: blah
startsmbfilepwent_internal: opening file /etc/samba/smbpasswd
getsmbfilepwent: returning passwd entry for user andreas, uid 1000
getsmbfilepwent: skipping comment or blank line
getsmbfilepwent: end of file reached.
endsmbfilepwent_internal: closed password file.
Finding user blah
Trying _Get_Pwnam(), username as lowercase is blah
Get_Pwnam_internals did find user [blah]!
pdb_set_username: setting username blah, was
pdb_set_full_name: setting full name , was
pdb_set_domain: setting domain ORCANE, was
Home server: orcane
pdb_set_profile_path: setting profile path \\orcane\blah\profile, was
Home server: orcane
pdb_set_homedir: setting home dir \\orcane\blah, was
pdb_set_dir_drive: setting dir drive , was NULL
pdb_set_logon_script: setting logon script , was
pdb_set_user_sid: setting user sid
S-1-5-21-943193812-4018541947-3038954527-3002
pdb_set_user_sid_from_rid:
setting user sid S-1-5-21-943193812-4018541947-3038954527-3002 from
rid 3002
pdb_set_username: setting username blah, was blah
startsmbfilepwent_internal: opening file /etc/samba/smbpasswd
getsmbfilepwent: returning passwd entry for user andreas, uid 1000
getsmbfilepwent: skipping comment or blank line
getsmbfilepwent: end of file reached.
endsmbfilepwent_internal: closed password file.
getsampwnam (smbpasswd): search by name: blah
startsmbfilepwent_internal: opening file /etc/samba/smbpasswd
getsmbfilepwent: returning passwd entry for user andreas, uid 1000
getsmbfilepwent: skipping comment or blank line
getsmbfilepwent: LM password for user blah invalidated
getsmbfilepwent: returning passwd entry for user blah, uid 1001
endsmbfilepwent_internal: closed password file.
getsampwnam (smbpasswd): found by name: blah
Finding user blah
Trying _Get_Pwnam(), username as lowercase is blah
Get_Pwnam_internals did find user [blah]!
pdb_set_username: setting username blah, was
pdb_set_full_name: setting full name , was
pdb_set_domain: setting domain ORCANE, was
Home server: orcane
pdb_set_profile_path: setting profile path \\orcane\blah\profile, was
Home server: orcane
pdb_set_homedir: setting home dir \\orcane\blah, was
pdb_set_dir_drive: setting dir drive , was NULL
pdb_set_logon_script: setting logon script , was
pdb_set_user_sid: setting user sid
S-1-5-21-943193812-4018541947-3038954527-3002
pdb_set_user_sid_from_rid:
setting user sid S-1-5-21-943193812-4018541947-3038954527-3002 from
rid 3002
Opening cache file at /var/cache/samba/gencache.tdb
Opening cache file at /var/run/samba/gencache_notrans.tdb
gid_to_sid: winbind failed to find a sid for gid 1001
Adding cache entry with key=[IDMAP/SID2XID/S-1-22-2-1001] and
timeout=[Fri Jun 7 20:29:16 2019 UTC] (604800 seconds ahead)
Adding cache entry with key=[IDMAP/GID2SID/1001] and timeout=[Fri Jun 7
20:29:16 2019 UTC] (604799 seconds ahead)
LEGACY: gid 1001 -> sid S-1-22-2-1001
Forcing Primary Group to 'Domain Users' for blah
tdb(/var/lib/samba/account_policy.tdb): tdb_open_ex: could not open file
/var/lib/samba/account_policy.tdb: No such file or directory
Could not open tdb: No such file or directory
check lock order 1 for /var/lib/samba/account_policy.tdb
lock order: 1:/var/lib/samba/account_policy.tdb 2:<none> 3:<none>
Locking key 494E464F2F7665727369
Allocated locked data 0x0x564e841a7c30
Unlocking key 494E464F2F7665727369
release lock order 1 for /var/lib/samba/account_policy.tdb
lock order: 1:<none> 2:<none> 3:<none>
account_policy_get: tdb_fetch_uint32_t failed for type 1 (min password
length), returning 0
tdb(/var/lib/samba/account_policy.tdb): tdb_transaction_start: nesting 1
check lock order 1 for /var/lib/samba/account_policy.tdb
lock order: 1:/var/lib/samba/account_policy.tdb 2:<none> 3:<none>
Locking key 6D696E2070617373776F
Allocated locked data 0x0x564e841a9da0
Unlocking key 6D696E2070617373776F
release lock order 1 for /var/lib/samba/account_policy.tdb
lock order: 1:<none> 2:<none> 3:<none>
account_policy_set: name: min password length, value: 5
account_policy_get: tdb_fetch_uint32_t failed for type 2 (password
history), returning 0
tdb(/var/lib/samba/account_policy.tdb): tdb_transaction_start: nesting 1
check lock order 1 for /var/lib/samba/account_policy.tdb
lock order: 1:/var/lib/samba/account_policy.tdb 2:<none> 3:<none>
Locking key 70617373776F72642068
Allocated locked data 0x0x564e841a9da0
Unlocking key 70617373776F72642068
release lock order 1 for /var/lib/samba/account_policy.tdb
lock order: 1:<none> 2:<none> 3:<none>
account_policy_set: name: password history, value: 0
account_policy_get: tdb_fetch_uint32_t failed for type 3 (user must
logon to change password), returning 0
tdb(/var/lib/samba/account_policy.tdb): tdb_transaction_start: nesting 1
check lock order 1 for /var/lib/samba/account_policy.tdb
lock order: 1:/var/lib/samba/account_policy.tdb 2:<none> 3:<none>
Locking key 75736572206D75737420
Allocated locked data 0x0x564e841a9da0
Unlocking key 75736572206D75737420
release lock order 1 for /var/lib/samba/account_policy.tdb
lock order: 1:<none> 2:<none> 3:<none>
account_policy_set: name: user must logon to change password, value: 0
account_policy_get: tdb_fetch_uint32_t failed for type 4 (maximum
password age), returning 0
tdb(/var/lib/samba/account_policy.tdb): tdb_transaction_start: nesting 1
check lock order 1 for /var/lib/samba/account_policy.tdb
lock order: 1:/var/lib/samba/account_policy.tdb 2:<none> 3:<none>
Locking key 6D6178696D756D207061
Allocated locked data 0x0x564e841a9da0
Unlocking key 6D6178696D756D207061
release lock order 1 for /var/lib/samba/account_policy.tdb
lock order: 1:<none> 2:<none> 3:<none>
account_policy_set: name: maximum password age, value: -1
account_policy_get: tdb_fetch_uint32_t failed for type 5 (minimum
password age), returning 0
tdb(/var/lib/samba/account_policy.tdb): tdb_transaction_start: nesting 1
check lock order 1 for /var/lib/samba/account_policy.tdb
lock order: 1:/var/lib/samba/account_policy.tdb 2:<none> 3:<none>
Locking key 6D696E696D756D207061
Allocated locked data 0x0x564e841a9da0
Unlocking key 6D696E696D756D207061
release lock order 1 for /var/lib/samba/account_policy.tdb
lock order: 1:<none> 2:<none> 3:<none>
account_policy_set: name: minimum password age, value: 0
account_policy_get: tdb_fetch_uint32_t failed for type 6 (lockout
duration), returning 0
tdb(/var/lib/samba/account_policy.tdb): tdb_transaction_start: nesting 1
check lock order 1 for /var/lib/samba/account_policy.tdb
lock order: 1:/var/lib/samba/account_policy.tdb 2:<none> 3:<none>
Locking key 6C6F636B6F7574206475
Allocated locked data 0x0x564e841a9da0
Unlocking key 6C6F636B6F7574206475
release lock order 1 for /var/lib/samba/account_policy.tdb
lock order: 1:<none> 2:<none> 3:<none>
account_policy_set: name: lockout duration, value: 30
account_policy_get: tdb_fetch_uint32_t failed for type 7 (reset count
minutes), returning 0
tdb(/var/lib/samba/account_policy.tdb): tdb_transaction_start: nesting 1
check lock order 1 for /var/lib/samba/account_policy.tdb
lock order: 1:/var/lib/samba/account_policy.tdb 2:<none> 3:<none>
Locking key 726573657420636F756E
Allocated locked data 0x0x564e841a9da0
Unlocking key 726573657420636F756E
release lock order 1 for /var/lib/samba/account_policy.tdb
lock order: 1:<none> 2:<none> 3:<none>
account_policy_set: name: reset count minutes, value: 30
account_policy_get: tdb_fetch_uint32_t failed for type 8 (bad lockout
attempt), returning 0
tdb(/var/lib/samba/account_policy.tdb): tdb_transaction_start: nesting 1
check lock order 1 for /var/lib/samba/account_policy.tdb
lock order: 1:/var/lib/samba/account_policy.tdb 2:<none> 3:<none>
Locking key 626164206C6F636B6F75
Allocated locked data 0x0x564e841a9da0
Unlocking key 626164206C6F636B6F75
release lock order 1 for /var/lib/samba/account_policy.tdb
lock order: 1:<none> 2:<none> 3:<none>
account_policy_set: name: bad lockout attempt, value: 0
account_policy_get: tdb_fetch_uint32_t failed for type 9 (disconnect
time), returning 0
tdb(/var/lib/samba/account_policy.tdb): tdb_transaction_start: nesting 1
check lock order 1 for /var/lib/samba/account_policy.tdb
lock order: 1:/var/lib/samba/account_policy.tdb 2:<none> 3:<none>
Locking key 646973636F6E6E656374
Allocated locked data 0x0x564e841a9da0
Unlocking key 646973636F6E6E656374
release lock order 1 for /var/lib/samba/account_policy.tdb
lock order: 1:<none> 2:<none> 3:<none>
account_policy_set: name: disconnect time, value: -1
account_policy_get: tdb_fetch_uint32_t failed for type 10 (refuse
machine password change), returning 0
tdb(/var/lib/samba/account_policy.tdb): tdb_transaction_start: nesting 1
check lock order 1 for /var/lib/samba/account_policy.tdb
lock order: 1:/var/lib/samba/account_policy.tdb 2:<none> 3:<none>
Locking key 726566757365206D6163
Allocated locked data 0x0x564e841a9da0
Unlocking key 726566757365206D6163
release lock order 1 for /var/lib/samba/account_policy.tdb
lock order: 1:<none> 2:<none> 3:<none>
account_policy_set: name: refuse machine password change, value: 0
get_privileges: No privileges assigned to SID [S-1-1-0]
grant_privilege: S-1-1-0
original privilege mask: 0x0
new privilege mask: 0x0
check lock order 1 for /var/lib/samba/account_policy.tdb
lock order: 1:/var/lib/samba/account_policy.tdb 2:<none> 3:<none>
Locking key 505249565F532D312D31
Allocated locked data 0x0x564e841a9f80
Unlocking key 505249565F532D312D31
release lock order 1 for /var/lib/samba/account_policy.tdb
lock order: 1:<none> 2:<none> 3:<none>
get_privileges: No privileges assigned to SID [S-1-5-32-548]
grant_privilege: S-1-5-32-548
original privilege mask: 0x0
new privilege mask: 0x0
check lock order 1 for /var/lib/samba/account_policy.tdb
lock order: 1:/var/lib/samba/account_policy.tdb 2:<none> 3:<none>
Locking key 505249565F532D312D35
Allocated locked data 0x0x564e841a9ff0
Unlocking key 505249565F532D312D35
release lock order 1 for /var/lib/samba/account_policy.tdb
lock order: 1:<none> 2:<none> 3:<none>
get_privileges: No privileges assigned to SID [S-1-5-32-549]
grant_privilege: S-1-5-32-549
original privilege mask: 0x0
new privilege mask: 0x0
check lock order 1 for /var/lib/samba/account_policy.tdb
lock order: 1:/var/lib/samba/account_policy.tdb 2:<none> 3:<none>
Locking key 505249565F532D312D35
Allocated locked data 0x0x564e841aa080
Unlocking key 505249565F532D312D35
release lock order 1 for /var/lib/samba/account_policy.tdb
lock order: 1:<none> 2:<none> 3:<none>
get_privileges: No privileges assigned to SID [S-1-5-32-550]
grant_privilege: S-1-5-32-550
original privilege mask: 0x0
new privilege mask: 0x0
check lock order 1 for /var/lib/samba/account_policy.tdb
lock order: 1:/var/lib/samba/account_policy.tdb 2:<none> 3:<none>
Locking key 505249565F532D312D35
Allocated locked data 0x0x564e841aa180
Unlocking key 505249565F532D312D35
release lock order 1 for /var/lib/samba/account_policy.tdb
lock order: 1:<none> 2:<none> 3:<none>
get_privileges: No privileges assigned to SID [S-1-5-32-551]
grant_privilege: S-1-5-32-551
original privilege mask: 0x0
new privilege mask: 0x0
check lock order 1 for /var/lib/samba/account_policy.tdb
lock order: 1:/var/lib/samba/account_policy.tdb 2:<none> 3:<none>
Locking key 505249565F532D312D35
Allocated locked data 0x0x564e841aa280
Unlocking key 505249565F532D312D35
release lock order 1 for /var/lib/samba/account_policy.tdb
lock order: 1:<none> 2:<none> 3:<none>
get_privileges: No privileges assigned to SID [S-1-5-32-544]
grant_privilege: S-1-5-32-544
original privilege mask: 0x1ffffff0
new privilege mask: 0x1ffffff0
check lock order 1 for /var/lib/samba/account_policy.tdb
lock order: 1:/var/lib/samba/account_policy.tdb 2:<none> 3:<none>
Locking key 505249565F532D312D35
Allocated locked data 0x0x564e841aa380
Unlocking key 505249565F532D312D35
release lock order 1 for /var/lib/samba/account_policy.tdb
lock order: 1:<none> 2:<none> 3:<none>
account_policy_get: name: password history, val: 0
pdb_set_username: setting username blah, was
pdb_set_domain: setting domain ORCANE, was
pdb_set_nt_username: setting nt username , was
pdb_set_full_name: setting full name , was
Home server: orcane
pdb_set_homedir: setting home dir \\orcane\blah, was
pdb_set_dir_drive: setting dir drive , was NULL
pdb_set_logon_script: setting logon script , was
Home server: orcane
pdb_set_profile_path: setting profile path \\orcane\blah\profile, was
pdb_set_workstations: setting workstations , was
account_policy_get: name: password history, val: 0
pdb_set_user_sid: setting user sid
S-1-5-21-943193812-4018541947-3038954527-3002
pdb_set_user_sid_from_rid:
setting user sid S-1-5-21-943193812-4018541947-3038954527-3002 from
rid 3002
pdb_set_group_sid: setting group sid
S-1-5-21-943193812-4018541947-3038954527-513
account_policy_get: name: password history, val: 0
mod_smbfilepwd_entry: opening file /etc/samba/smbpasswd
mod_smbfilepwd_entry: skipping comment or blank line
mod_smbfilepwd_entry: entry exists for user blah
Added user blah.
and the resulting smbpasswd with testpassword: testtest is
blah:1001:CEEB0FA9F240C200417EAF50CFAC29C3:3C99B8901B00758369F18B9DF72012C8:[U
]:LCT-5CF18E9D:
With the hash set correctly :)
*********************************************************************
More information about the samba
mailing list