Downloaded the latest Samba, applied the rc4 patch and compiled with gcc 2.95.3. Our site uses plain passwords, some windows 3.1 boxes still need to connect. Windows 95, Windows 98 and Windows 2K clients connect no hassle, same with smbclient from many different versions of Samba. however my NT4 (SP6+) box and our XP (SP0) box in this room cannot connect. using auth_unix authentication (with some manual debug) umm ... NT4 box mechanism doesn't appear to be providing _any_ password to the pass_check function, the WinXP box only appears to be providing gibberish. Both of these boxes work fine talking to our 2.0 and 2.2 Samba servers running in very similar environments.
ok ... i've dug deeper ... i can get NT4 to authenticate if i modify smbd/sesssetup.c if i force it to use passlen1 instead of passlen2 (worked out using the unic variable) i can authenticate my NT4 box. (line 827 ish) since mine is the only NT4 box in the building i could fix it by checking if it's NT4 first (which it is correctly identified as) this doesn't fix the XP password problem.
actually, not sure what it breaks but changing: unic=SVAL(inbuf, smb_flg2) & FLAGS2_UNICODE_STRINGS; to unic=SVAL(inbuf, smb_flg2) & FLAGS2_UNICODE_STRINGS && passlen2 != 0; appears to work.
XP still doesn't work non-encrypted, but i'm assuming this is a completely different problem. Can't really spend much longer looking at it by myself, if you have any thoughts, i can test them on our systems and give feedback.
This is not a bug in the ntlm_auth utility. Plaintext passwords on unicode connections are known to have issues, due to bugs in the MS clients, and the basic fact that Samba is the only server to even offer this capability. We should fix this bug, but use of unencrypted passwords will always cause issues.
*** This bug has been marked as a duplicate of 815 ***
originally reported against one of the 3.0.0rc[1-4] releases. Cleaning up non-production versions.
database cleanup