Hi tony, based on your log file, it sure does APPEAR that you have NOT turned off encrypted passwords, as samba is trying to open /usr/local/samba/private/smbpasswd. It should only do that if it negotiated encrypted passwords in the negot prot call, which it should only be able to do if encrypted passwords is set to yes.
I note that you are including ANOTHER smb.conf file at the end of your global section; please check there and see if you have an encrypt passwords = yes, and/or include the contents of that smb.conf file as well in your next message to the list, ok? include=/etc/sfw/local-smb.conf > -----Original Message----- > From: tony shepherd [mailto:[EMAIL PROTECTED] > Sent: Tuesday, March 25, 2003 21:31 > To: [EMAIL PROTECTED] > Cc: tony.shepherd > Subject: BUG: encrypt passwords=no, security=yes, samba > 2.2.8, W2K user > auth fails > > > folks > > ** > I am not on this mail list. Can all replied please be Cc'ed > to me as well. > ** > > I have come across the following bug using samba 2.2.8 (in > the throws of > upgrading from 2.0.10 to fix security vul). > > I discovered this bug using a W2K system; it was not present > when testing > with win98. I am running the samba server on a solaris 9 system. > > I am using "encrypt passwords = no" and "security=user" and > using the Unix > passwords for authentication. Registry modification have > been made to the > windows system. > > To replicate the bug, I do the following: > > * log onto w2k system as user ts74081, passwd: fred > * try and open the share: \\huey\ts74081. As my password is > different > between the windows system and the samba server, it prompts me for a > username/password pair. I give the correct values but I > still get rejected. > * I then try to access the share as a different user (one > that does not > exist on the system): username fred, passwd fred. Naturally > it fails. > * I then try again with the proper username/password pair and I get > authenticated correctly and the share is made available. > > > If I do not try and authenticate as a different user before > retrying with > the proper username, it will continue to fail to authenticate. > > I have attached debug 3 logs of the above scenario as well as > the smb.conf > I am using. > > If I change the security parameter to "security=share", the > above bug does > not show itself. > > > thanks > > tony > >