From: Volker Gruenewald (Volker.Gruenewald@LINDE-MH.DE)
Date: Wed Jan 29 2003 - 09:33:11 EST
hi,
you should watch the "smbd.log" for entries concerning your "unsuccessfull"
authentification.
you could also run smbd -i -dx --> where x is the debuglevel between 0 and
10, higher means more details.
To do this, stop running smbd from inetd !
Tell us the output.
regards
---------------------------------------------------
Volker Grünewald
IT Administration
Linde AG, material handling
Aschaffenburg / Germany
volker.gruenewald@linde-mh.de
www.linde.com
---------------------------------------------------
|---------+-------------------------------->
| | "Jolet, John" |
| | <John.Jolet@MISYSHEAL|
| | THCARE.COM> |
| | Gesendet von: IBM AIX|
| | Discussion List |
| | <aix-l@Princeton.EDU>|
| | |
| | |
| | 01/29/03 01:07 PM |
| | Bitte antworten an |
| | IBM AIX Discussion |
| | List |
| | |
|---------+-------------------------------->
>-----------------------------------------------------------------------------------------------------------------------------|
| |
| An: aix-l@Princeton.EDU |
| Kopie: |
| Thema: Re: Samba - cannot authenticate the user from win2k pc |
>-----------------------------------------------------------------------------------------------------------------------------|
you've put encrypt passwords=yes in your samba config...assuming you didn't
ALSO follow the instructions to switch the windows box to clear-text, the
passwords will be sent encrypted, not clear text.
-----Original Message-----
From: BSARMA [mailto:bsarma@BASIT.COM]
Sent: Tuesday, January 28, 2003 11:25 AM
To: aix-l@Princeton.EDU
Subject: Re: Samba - cannot authenticate the user from win2k pc
Greetings,
I have added the nis user name using smbpasswd in my RS6K box, I can see
it
in /var/samba/private
I have created the smb.conf file using swat (/http://localhost:901/)
here is my smb.conf file:
ibm210 # cat smb.conf
# Samba config file created using SWAT
# from gritpc27 (128.209.47.196)
# Date: 2003/01/28 11:37:13
# Global parameters
[global]
workgroup = IFAS
netbios name = IBM210
interfaces = en0
encrypt passwords = Yes
wins server = 128.209.47.10
guest account = guest
hosts allow = 128.209.47. 128.209.60. 127. 128.
[bsarma]
comment = bsarma's home Directory
path = /users/bsarma
username = &+bsarma
guest account =
valid users = &+bsarma,root
admin users = &+bsarma,root
writeable = Yes
Please let me know if the above settings is ok.
You told me to use the default windes password encryption method, is it
same as passing the clear text. If I choose this method will my win2k pc
pass all the passwords for intranet and internet in clear text?
Please advice.
Regards & Thanks
BN
----- Original Message -----
From: "Sergio Luiz Novaes" <algol@lcc.ufmg.br>
Newsgroups: bit.listserv.aix-l
To: <aix-l@princeton.edu>
Sent: Tuesday, January 28, 2003 8:10 AM
Subject: Re: Samba - cannot authenticate the user from win2k pc
> It's not totally correct. Samba can use crypt and UNIX authentication
(NIS
> or /etc/passwd), just ask samba to do that. In fact is correct to say
it's
> a poor authentication issue (password will travel in plaintext on the
net),
> but works.
> The real problem is the encription method used by default on Win2k to
sent
> the password on net. Samba will no recognize that encription method at
> least you use smbpasswd and activate encription on smb.conf ( I think
> default is deactivated but I'm not sure).
> Solutions: use smbpasswd and default encription on win2k (samba will
> recognize it and will be more secure) or stop the default encription on
> win2k and pass plaintext password on net using UNIX authentication on
> samba. A good reference to activate plaintext password on Windows is:
> http://www.isbiel.ch/Resources/Computing/SunGroup/Info/QuickRef/Samba/
>
>
> Sergio Luiz Novaes
> LCC/UFMG - CENAPAD-MG/CO
> Tel: +55 31 3499 5391/4910
> Fax: +55 31 3499 5390
>
>
>
>
> "Jolet, John"
> <John.Jolet@MISYSHEAL To:
aix-l@Princeton.EDU
> THCARE.COM> cc:
> Sent by: IBM AIX Subject: Re: Samba -
cannot authenticate the user from win2k pc
> Discussion List
> <aix-l@Princeton.EDU>
>
>
> 28/01/2003 10:14
> Please respond to IBM
> AIX Discussion List
>
>
>
>
>
>
>
> I don't think you can get samba to authenticate off of nis. You CAN get
it
> to authenticate off of ldap, but it's not straightforward. The easiest
> thing to do is enable swat (you should have the docs for that in your
samba
> distribution). The reason you can't authenticate off of nis is it has a
> (probably) crypt encrypted password. samba (and windows, etc) don't use
> crypt...they use something much less secure. In fact, your password is
> stored in two methods. One is the older lanman format, where the string
is
> broken down into two 7-byte (i think it's 7) strings and encrypted
> seperately (making hacking much easier, incidentally). The other is more
> secure, but since it's the same password in two formats, all you have to
do
> is hack the easy one.
>
> for command-line use...you should have a command called "smbpasswd".
> "smbpasswd -a username" run as root will add username to the smbpasswd
file
> specified in your smb.conf, and prompt for a password. without the -a,
it
> lets you change the password.
> -----Original Message-----
> From: BSARMA [mailto:bsarma@BASIT.COM]
> Sent: Monday, January 27, 2003 5:35 PM
> To: aix-l@Princeton.EDU
> Subject: Re: Samba - cannot authenticate the user from win2k pc
>
>
> Greetings John,
>
> I didn't run the smbpasswd as we use nis , my userid is not listed in the
> /etc/passwd file of my RS6000 workstation.
>
> if you have some instructions to setup this, please email me.
>
> Regards & Thanks
> BN
> ----- Original Message -----
> From: Jolet, John
> Newsgroups: bit.listserv.aix-l
> To: aix-l@princeton.edu
> Sent: Monday, January 27, 2003 6:07 PM
> Subject: Re: Samba - cannot authenticate the user from win2k pc
>
> did you set up the smbpasswd file?
> -----Original Message-----
> From: BSARMA [mailto:bsarma@BASIT.COM]
> Sent: Monday, January 27, 2003 5:03 PM
> To: aix-l@Princeton.EDU
> Subject: Samba - cannot authenticate the user from win2k pc
>
>
> Greetings
>
> I have installed Samba on my IBM RS6000 , and started the smbd and nmbd
> services.
> I am trying to connect to IBM RS6000 Samba server from my windows2000
> client and getting the following error message:
> C:\>f:
> The system cannot find the drive specified.
>
> C:\>net use f: \\ibm210\bsarma
> The password is invalid for \\ibm210\bsarma.
>
> Type the password for \\ibm210\bsarma:
> System error 1326 has occurred.
>
> Logon failure: unknown user name or bad password.
>
> This is the user name I logon into my unix box and also into my windows2k
> box.
>
> Please advice.
>
> Regards & Thanks
> BN
>
This e-mail may contain confidential and/or privileged information.
If you are not the intended recipient (or have received this e-mail
in error) please notify the sender immediately and destroy this e-mail.
Any unauthorised copying, disclosure or distribution of the material
in this e-mail is strictly forbidden.
Any views expressed in this message are those of the individual
sender, except where the sender specifically states them to be
the views of Linde Material Handling.
Since January 2002 we use the e-mail domain linde-mh.de instead
of linde-fh.de.
This mail has been swept for the presence of computerviruses.
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 22:16:32 EDT