The Samba-Bugzilla – Bug 718
XP and NT4 Authentication unencrypted passwords
Last modified: 2005-11-14 09:29:09 UTC
Downloaded the latest Samba, applied the rc4 patch and compiled with gcc 2.95.3.
Our site uses plain passwords, some windows 3.1 boxes still need to connect.
Windows 95, Windows 98 and Windows 2K clients connect no hassle, same with
smbclient from many different versions of Samba.
however my NT4 (SP6+) box and our XP (SP0) box in this room cannot connect.
using auth_unix authentication (with some manual debug) umm ... NT4 box
mechanism doesn't appear to be providing _any_ password to the pass_check
function, the WinXP box only appears to be providing gibberish.
Both of these boxes work fine talking to our 2.0 and 2.2 Samba servers running
in very similar environments.
ok ... i've dug deeper ... i can get NT4 to authenticate if i modify
if i force it to use passlen1 instead of passlen2 (worked out using the unic
variable) i can authenticate my NT4 box. (line 827 ish)
since mine is the only NT4 box in the building i could fix it by checking if
it's NT4 first (which it is correctly identified as)
this doesn't fix the XP password problem.
actually, not sure what it breaks but changing:
unic=SVAL(inbuf, smb_flg2) & FLAGS2_UNICODE_STRINGS;
unic=SVAL(inbuf, smb_flg2) & FLAGS2_UNICODE_STRINGS && passlen2 != 0;
appears to work.
XP still doesn't work non-encrypted, but i'm assuming this is a completely
Can't really spend much longer looking at it by myself, if you have any
thoughts, i can test them on our systems and give feedback.
This is not a bug in the ntlm_auth utility.
Plaintext passwords on unicode connections are known to have issues, due to bugs
in the MS clients, and the basic fact that Samba is the only server to even
offer this capability.
We should fix this bug, but use of unencrypted passwords will always cause issues.
*** This bug has been marked as a duplicate of 815 ***
originally reported against one of the 3.0.0rc[1-4] releases.
Cleaning up non-production versions.