Bug 9380 - Samba crashes when user logs in with "User must change pass on next login" checked.
Samba crashes when user logs in with "User must change pass on next login" ch...
Status: NEW
Product: Samba 4.0
Classification: Unclassified
Component: AD: LDB/DSDB/SAMDB
4.0.0rc4
x64 Linux
: P5 major
: ---
Assigned To: Andrew Bartlett
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2012-11-11 23:44 UTC by nicholas
Modified: 2013-06-27 17:36 UTC (History)
2 users (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description nicholas 2012-11-11 23:44:02 UTC
This bug has been there since beta18.

Basically if I create an account using RSAT on win7 and check the box "user must change password on next login" then try to authenticate using that user, it comes back saying the "Username and password is incorrect" and I am unable to login at all with any user. I then have to restart the Samba daemon to authenticate.

Logs show the following:

Kerberos: AS-REQ test1@SITEST from ipv4:192.168.106.202:63114 for krbtgt/SITEST@SITEST
  Kerberos: Looking for PK-INIT(ietf) pa-data -- test1@SITEST
  Kerberos: Looking for PK-INIT(win2k) pa-data -- test1@SITEST
  Kerberos: Looking for ENC-TS pa-data -- test1@SITEST
  Kerberos: AS-REQ test1@SITEST from ipv4:192.168.106.202:63115 for krbtgt/SITEST@SITEST
  Kerberos: Looking for PK-INIT(ietf) pa-data -- test1@SITEST
  Kerberos: Looking for PK-INIT(win2k) pa-data -- test1@SITEST
  Kerberos: Looking for ENC-TS pa-data -- test1@SITEST
  Kerberos: ENC-TS Pre-authentication succeeded -- test1@SITEST using arcfour-hmac-md5
  Kerberos: ENC-TS pre-authentication succeeded -- test1@SITEST
  sam_account_ok: Account for user 'test1@SITEST' password must change!.
  auth_check_password_send: Checking password for unmapped user [SITEST]\[test1]@[WIN7-TEST]
  auth_check_password_send: mapped user is: [SITEST]\[test1]@[WIN7-TEST]
  ntlm_password_check: Interactive logon: NT password check failed for user test1
  auth_check_password_recv: sam_ignoredomain authentication for user [SITEST\test1] FAILED with error NT_STATUS_WRONG_PASSWORD
Comment 1 Stefan Metzmacher 2013-01-27 13:49:36 UTC
Andrew, wasn't this already fixed?
Comment 2 Karolin Seeger 2013-06-27 10:34:38 UTC
(In reply to comment #1)
> Andrew, wasn't this already fixed?

Andrew, can you comment, please?