Bug 14326 - Linux client asks for password to list and access passwordless shares from Windows server
Summary: Linux client asks for password to list and access passwordless shares from Wi...
Status: RESOLVED INVALID
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: libsmbclient (show other bugs)
Version: 4.10.10
Hardware: All Linux
: P5 normal (vote)
Target Milestone: ---
Assignee: Samba QA Contact
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2020-03-26 18:09 UTC by Patrick Silva
Modified: 2020-09-25 13:48 UTC (History)
3 users (show)

See Also:


Attachments
output of smbc debugging (87.70 KB, text/plain)
2020-03-26 18:09 UTC, Patrick Silva
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Patrick Silva 2020-03-26 18:09:47 UTC
Created attachment 15871 [details]
output of smbc debugging

The issue mentioned in my summary was already reported in KDE bugzilla
https://bugs.kde.org/show_bug.cgi?id=398079

My client runs Arch Linux + samba and libwbclient 4.10.10 + KDE Plasma 5.18.3 desktop environment.
My server runs Windows 7 Professional.

I'm using a linux client to try access a share from a Windows server.
The client always asks for password to list and access the share despite it is passwordless.
Client lists the shares available when I enter fake "*" username and password
or another fake username and password. But I need to type username and password
that I use to start the user session of Window server when I want to open any
passwordless share from it.

You can read a detailed explanation and watch screen recordings showing the issue
in the following link
https://bugs.kde.org/show_bug.cgi?id=398079#c16

As we can read in the following link, KDE developer Harald Sitter thinks that something is wrong inside libsmbclient
https://bugs.kde.org/show_bug.cgi?id=398079#c19

I'm attaching the output of smbc debugging according to instructions
from the following link
https://bugs.kde.org/show_bug.cgi?id=398079#c14
Comment 1 Harald Sitter 2020-03-27 12:23:01 UTC
FWIW, from the info in the kde report I would infer that currently the AutoAnonymousLogin probably attempts to login with an empty password which windows servers seem to take offense with (probably because of some default secpol in win7+).
An easy solution then would be to send a random password instead of no password in the AutoAnonymousLogin. For all I know that will break something else though.
Comment 2 Harald Sitter 2020-03-27 12:23:21 UTC
FWIW, from the info in the kde report I would infer that currently the AutoAnonymousLogin probably attempts to login with an empty password which windows servers seem to take offense with (probably because of some default secpol in win7+).
An easy solution then would be to send a random password instead of no password in the AutoAnonymousLogin. For all I know that will break something else though.
Comment 3 Björn Jacke 2020-09-25 13:48:31 UTC
sending a random password or no password looks like a very bad idea to me as this will increase the bad logon counter. I also suggest to remove the AutoAnonymousLogin if there is something like that. Something like that is asking for trouble in many environments. If the current user had a krb5 ticket, then this can be used to try authenticating the user. But don't try guest logons or random passwords. please.