6584 – smbpasswd -r -U report RPC fault

Bug 6584 - smbpasswd -r -U report RPC fault

Summary: smbpasswd -r -U report RPC fault

Status:	RESOLVED FIXED

Alias:	None

Product:	Samba 3.4
Classification:	Unclassified
Component:	Client Tools (show other bugs)
Version:	3.4.0
Hardware:	All All

Importance:	P3 major
Target Milestone:	---
Assignee:	Karolin Seeger
QA Contact:	Samba QA Contact

URL:
Keywords:

Depends on:
Blocks:

Reported:	2009-07-29 01:05 UTC by Zhou Weikuan
Modified:	2009-09-02 04:02 UTC (History)
CC List:	0 users

See Also:

Flags:	metze: review+

Attachments
split domain/name in advance (3.43 KB, patch) 2009-08-30 10:55 UTC, Simo Sorce	no flags	Details
revised version of that patch (tested and pushed to master) (2.04 KB, patch) 2009-09-02 03:21 UTC, Guenther Deschner	no flags	Details
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Zhou Weikuan 2009-07-29 01:05:38 UTC

The steps to repro this problem:
0) configure the environment, use net ads join to join a win2k3 domain
1) smbpasswd -a user   (user must be a local unix account name)
2) smbpasswd -r machine -U machine/user

it reports:
#/usr/local/samba/bin/smbpasswd -r diablo -U diablo/weikuan
Old SMB password:
New SMB password:
Retype new SMB password:
cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR received from host diablo!
machine diablo rejected the password change: Error was : NT code 0x1c010002.

This problem doesn't occur for samba-3.0.27a, it does occur for samba-3.3.6

We suspect it is caused by command line parser or RPC parser's problem.

Comment 1 Zhou Weikuan 2009-07-29 01:08:49 UTC

I think the root cause is: when we smbpasswd -r machine -U machine/user, the user is recognised as "machine/user", acctually, it should be "user".

Function libsmb/ntlmssp.c:ntlmssp_server_auth() is called twice each time we
user smbpasswd -r -U to update the password. in the first time, the parser
works good, domain="machine", workstation="machine", user="user", but in the
second time, domain="", workstation="machine", user="machine/user", this causes
the request to be resent to 2k3 domain to search user "machine/user", RPC fault
occurs.

When we update the function, detect whether domain="" and user contains "/",
and then split the content of user into domain and user, the RPC fault doesn't occur, it becomes:

shell> sudo smbpasswd -r machine -U machine/user2
Old SMB password:
New SMB password:
Retype new SMB password:
machine machine rejected the password change: Error was : No such user.

Check the log, this is because function smbd/chgpasswd.c:check_oem_passwd is
passed in a user as "machine/user", after we split the user, and assign the
user with "user", the password for "user" is updated accordingly.

We can't fix the bug as the resolution above, it is too rough, the correct
solution should be somewhere on some parser.

Comment 2 Simo Sorce 2009-08-30 10:55:02 UTC

Created attachment 4613 [details]
split domain/name in advance

Can you please test this patch ?
It should fix your problem.

Comment 3 Guenther Deschner 2009-09-02 03:21:09 UTC

Created attachment 4622 [details]
revised version of that patch (tested and pushed to master)

Simo, I tested that patch and needed to make some small modifications to make it work. Its pushed to master now.

Comment 4 Guenther Deschner 2009-09-02 03:40:31 UTC

Karolin, please pick for 3.4

Comment 5 Karolin Seeger 2009-09-02 04:02:30 UTC

Pushed.
Closing out bug report.

Thanks!