Solved

Windows doesn't send passwords to Samba

Posted on 2002-06-05
6
235 Views
Last Modified: 2010-03-18
This is really a Windows question, but I figure an expert on Samba ought to know the answer.  

Samba rejects attempts by my Windows machine to connect.  Hours of studying and investigation shows that the reason is that Windows is not sending a password with the userid.  It sends the expected userid, but the "password length" fields in the packet are zero.  This in spite of the fact that I type in a real password when "NET USE" prompts me for one.  I also type one into the "network login" box when I log in to Windows.

Any idea how I persuade Windows to send a password?

It's Windows ME.


0
Comment
Question by:bryanh
  • 4
  • 2
6 Comments
 
LVL 40

Expert Comment

by:jlevie
ID: 7058515
Do you have Samba configured to use encrypted passwords and does this user have an SMB encrypted password (meaning that you created an SMB password with sbmpassed)? Also take note of the fact that the windows user name must be the same as the Linux user name and that case matters for both the username and password.
0
 
LVL 40

Expert Comment

by:jlevie
ID: 7058518
Oh yes, have you configured the ME box to require a a logon before accessing windows?
0
 
LVL 5

Author Comment

by:bryanh
ID: 7059462
No, there's no smbpasswd file and the smb.conf file is the simple one from the "installing on unix" instructions.

The ME box puts up a window when it boots asking for a network userid and password.  It doesn't seem to care at that point what I type for password, but if it isn't right a later box comes up asking me to log on to windows and type the correct password.  In all cases permutations of passwords entere/required, the packets set by NET USE contain zero length passwords, according to the Samba-enhanced Tcpdump.

0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 40

Accepted Solution

by:
jlevie earned 100 total points
ID: 7059787
I think that ME will only send an SMB encrypted password to the server and it may be that the only one it sends is the one assocaiated with the user you logged in to ME with. So far as I know ME, 95, and 98 are alike in this regard and those OS's don't use the username/password themselves, but hang on to it for authentication to servers.

Try this. On the Samba server create an SMB password for the Linux username that you'll be using on the ME box using the same password as you use on ME. Also check your smb.conf file to be sure that it contains "encrypt passords = yes" and if you have to add or uncomment that line restart Samba. Then log onto the ME box and see if you can access tings on the Samba server.
0
 
LVL 5

Author Comment

by:bryanh
ID: 7061005
After I read about encrypted passwords in the Samba documentation, I could see that you're exactly right.  One can enable unencrypted passwords in the registry, but all modern Windows variations have it disabled by default.  Of course, Windows doesn't have the courtesy to issue a message saying, "the server will accept only unencrypted passwords and you have disabled those so I sent a null password instead and guess what?  the server didn't accept it."  Instead, the error message is "invalid password.  Enter the correct one."

I set up encrypted passwords and all is well.

Hard to believe the Samba "getting started" documentation still leads you through this unencrypted password dead end.  I will see if I can get that fixed.
0
 
LVL 40

Expert Comment

by:jlevie
ID: 7061075
I'd have to agree with you about the ambiguity in the Samba doucmentation. It should say that anything since win95 w/service pack ? (don't remember which) requires encrypted passwords. This is a problem that has existed for a very long time and it ought to be emphasized that you pretty much need SMB encrypted passwords for things to work.
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Suggested Solutions

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now