[Samba] Old samba password is valid after setting the new one.
Rowland penny
rpenny at samba.org
Fri Oct 25 20:54:31 UTC 2019
On 25/10/2019 21:39, Dipl.-Ing. Péter Varkoly via samba wrote:
> Hi,
>
> I've detected a very strange behavior on samba 4.8.9 and 4.10.6.
> After setting a new password for a user with samba-tool the old
> password remains valid. The user can use both passwords.
> After setting the third password become the first password invalid:
>
> :~ # samba-tool user setpassword extisadm --newpassword=12AbCdEf
> Changed password OK
> :~ # samba-tool user setpassword extisadm --newpassword=12AbCdEG
> Changed password OK
> :~ # smbclient -L admin -U extisadm%12AbCdEf
>
> Sharename Type Comment
> --------- ---- -------
> sysvol Disk
> groups Disk Shared directories of groups .....
> users Disk All users
> all Disk Folder for all
> alladmins Disk Folder for administration personal
> software Disk Folder for software
> :~ # samba-tool user setpassword extisadm --newpassword=12AbCdEC
> :~ # smbclient -L admin -U extisadm%12AbCdEf
> session setup failed: NT_STATUS_LOGON_FAILURE
>
> Is it a bug or a feature?
>
I think this a feature, a Windows feature ;-)
Try changing the password and then wait an hour or so and then try the
old password, it shouldn't work.
Rowland
More information about the samba
mailing list