From: Jolet, John (John.Jolet@MISYSHEALTHCARE.COM)
Date: Wed Jan 29 2003 - 07:07:31 EST
you've put encrypt passwords=yes in your samba config...assuming you didn't
ALSO follow the instructions to switch the windows box to clear-text, the
passwords will be sent encrypted, not clear text.
-----Original Message-----
From: BSARMA [mailto:bsarma@BASIT.COM]
Sent: Tuesday, January 28, 2003 11:25 AM
To: aix-l@Princeton.EDU
Subject: Re: Samba - cannot authenticate the user from win2k pc
Greetings,
I have added the nis user name using smbpasswd in my RS6K box, I can see it
in /var/samba/private
I have created the smb.conf file using swat (/http://localhost:901/)
here is my smb.conf file:
ibm210 # cat smb.conf
# Samba config file created using SWAT
# from gritpc27 (128.209.47.196)
# Date: 2003/01/28 11:37:13
# Global parameters
[global]
workgroup = IFAS
netbios name = IBM210
interfaces = en0
encrypt passwords = Yes
wins server = 128.209.47.10
guest account = guest
hosts allow = 128.209.47. 128.209.60. 127. 128.
[bsarma]
comment = bsarma's home Directory
path = /users/bsarma
username = &+bsarma
guest account =
valid users = &+bsarma,root
admin users = &+bsarma,root
writeable = Yes
Please let me know if the above settings is ok.
You told me to use the default windes password encryption method, is it
same as passing the clear text. If I choose this method will my win2k pc
pass all the passwords for intranet and internet in clear text?
Please advice.
Regards & Thanks
BN
----- Original Message -----
From: "Sergio Luiz Novaes" <algol@lcc.ufmg.br>
Newsgroups: bit.listserv.aix-l
To: <aix-l@princeton.edu>
Sent: Tuesday, January 28, 2003 8:10 AM
Subject: Re: Samba - cannot authenticate the user from win2k pc
> It's not totally correct. Samba can use crypt and UNIX authentication (NIS
> or /etc/passwd), just ask samba to do that. In fact is correct to say
it's
> a poor authentication issue (password will travel in plaintext on the
net),
> but works.
> The real problem is the encription method used by default on Win2k to sent
> the password on net. Samba will no recognize that encription method at
> least you use smbpasswd and activate encription on smb.conf ( I think
> default is deactivated but I'm not sure).
> Solutions: use smbpasswd and default encription on win2k (samba will
> recognize it and will be more secure) or stop the default encription on
> win2k and pass plaintext password on net using UNIX authentication on
> samba. A good reference to activate plaintext password on Windows is:
> http://www.isbiel.ch/Resources/Computing/SunGroup/Info/QuickRef/Samba/
>
>
> Sergio Luiz Novaes
> LCC/UFMG - CENAPAD-MG/CO
> Tel: +55 31 3499 5391/4910
> Fax: +55 31 3499 5390
>
>
>
>
> "Jolet, John"
> <John.Jolet@MISYSHEAL To:
aix-l@Princeton.EDU
> THCARE.COM> cc:
> Sent by: IBM AIX Subject: Re: Samba -
cannot authenticate the user from win2k pc
> Discussion List
> <aix-l@Princeton.EDU>
>
>
> 28/01/2003 10:14
> Please respond to IBM
> AIX Discussion List
>
>
>
>
>
>
>
> I don't think you can get samba to authenticate off of nis. You CAN get
it
> to authenticate off of ldap, but it's not straightforward. The easiest
> thing to do is enable swat (you should have the docs for that in your
samba
> distribution). The reason you can't authenticate off of nis is it has a
> (probably) crypt encrypted password. samba (and windows, etc) don't use
> crypt...they use something much less secure. In fact, your password is
> stored in two methods. One is the older lanman format, where the string
is
> broken down into two 7-byte (i think it's 7) strings and encrypted
> seperately (making hacking much easier, incidentally). The other is more
> secure, but since it's the same password in two formats, all you have to
do
> is hack the easy one.
>
> for command-line use...you should have a command called "smbpasswd".
> "smbpasswd -a username" run as root will add username to the smbpasswd
file
> specified in your smb.conf, and prompt for a password. without the -a, it
> lets you change the password.
> -----Original Message-----
> From: BSARMA [mailto:bsarma@BASIT.COM]
> Sent: Monday, January 27, 2003 5:35 PM
> To: aix-l@Princeton.EDU
> Subject: Re: Samba - cannot authenticate the user from win2k pc
>
>
> Greetings John,
>
> I didn't run the smbpasswd as we use nis , my userid is not listed in the
> /etc/passwd file of my RS6000 workstation.
>
> if you have some instructions to setup this, please email me.
>
> Regards & Thanks
> BN
> ----- Original Message -----
> From: Jolet, John
> Newsgroups: bit.listserv.aix-l
> To: aix-l@princeton.edu
> Sent: Monday, January 27, 2003 6:07 PM
> Subject: Re: Samba - cannot authenticate the user from win2k pc
>
> did you set up the smbpasswd file?
> -----Original Message-----
> From: BSARMA [mailto:bsarma@BASIT.COM]
> Sent: Monday, January 27, 2003 5:03 PM
> To: aix-l@Princeton.EDU
> Subject: Samba - cannot authenticate the user from win2k pc
>
>
> Greetings
>
> I have installed Samba on my IBM RS6000 , and started the smbd and nmbd
> services.
> I am trying to connect to IBM RS6000 Samba server from my windows2000
> client and getting the following error message:
> C:\>f:
> The system cannot find the drive specified.
>
> C:\>net use f: \\ibm210\bsarma
> The password is invalid for \\ibm210\bsarma.
>
> Type the password for \\ibm210\bsarma:
> System error 1326 has occurred.
>
> Logon failure: unknown user name or bad password.
>
> This is the user name I logon into my unix box and also into my windows2k
> box.
>
> Please advice.
>
> Regards & Thanks
> BN
>
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 22:16:32 EDT