Bug 2821 - Samba 3's ntlm auth option is ignored
Summary: Samba 3's ntlm auth option is ignored
Status: RESOLVED WONTFIX
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: File Services (show other bugs)
Version: 3.0.14a
Hardware: All All
: P3 normal
Target Milestone: none
Assignee: Samba Bugzilla Account
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2005-06-23 12:04 UTC by mvolaski
Modified: 2005-07-15 15:52 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description mvolaski 2005-06-23 12:04:04 UTC
When logging into samba-2.2.8a that is utilizing smbpasswd with encrypted password = Yes, it 
appears that passwords were not case-sensitive (and therefore NTLM passwords could not be used).

I'm assuming there was a bug (not posted here) that had been fixed since passwords in 3.0.14a are 
case-sensitive. 

There is a new option called ntlm auth. Presumably, setting that to "No" should disable NTLM 
authentication and allow mixed-case passwords to be accepted via LM (assuming NTLMv2 is disabled 
on the client). It appears that is not the case and setting this option to "No" is ignored.
Comment 1 Andrew Bartlett 2005-06-28 05:20:10 UTC
The only bug here would be to documentation.  There is deliberatly no way to
force Samba to ignore an NT response in favor of the less secure LM response.  

The ntlm auth parameter is about upgrading, not downgrading the level of
security on the host.  It causes only NTLMv2 and kerberos logins to be accepted.
Comment 2 Gerald (Jerry) Carter 2005-07-15 15:52:45 UTC
andrew says behavior by design.