Bug 2821 - Samba 3's ntlm auth option is ignored
Samba 3's ntlm auth option is ignored
Product: Samba 3.0
Classification: Unclassified
Component: File Services
All All
: P3 normal
: none
Assigned To: Samba Bugzilla Account
Samba QA Contact
Depends on:
  Show dependency treegraph
Reported: 2005-06-23 12:04 UTC by mvolaski
Modified: 2005-07-15 15:52 UTC (History)
0 users

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description mvolaski 2005-06-23 12:04:04 UTC
When logging into samba-2.2.8a that is utilizing smbpasswd with encrypted password = Yes, it 
appears that passwords were not case-sensitive (and therefore NTLM passwords could not be used).

I'm assuming there was a bug (not posted here) that had been fixed since passwords in 3.0.14a are 

There is a new option called ntlm auth. Presumably, setting that to "No" should disable NTLM 
authentication and allow mixed-case passwords to be accepted via LM (assuming NTLMv2 is disabled 
on the client). It appears that is not the case and setting this option to "No" is ignored.
Comment 1 Andrew Bartlett 2005-06-28 05:20:10 UTC
The only bug here would be to documentation.  There is deliberatly no way to
force Samba to ignore an NT response in favor of the less secure LM response.  

The ntlm auth parameter is about upgrading, not downgrading the level of
security on the host.  It causes only NTLMv2 and kerberos logins to be accepted.
Comment 2 Gerald (Jerry) Carter 2005-07-15 15:52:45 UTC
andrew says behavior by design.