On Wed, April 14, 2010 10:45, Jansen Robert wrote: > Added note: > > > The lanmanager smbpasswd filed change seems to happen also with some > client machines do NOT explicitaly change their password. It rather seems > that a client seems to enforce a zero LANMAN passwd if a client has a > higher than LANMAN protocol available. > > "I have a higher protocol than LANMAN, so forget the LANMAN method > and scratch the unsafer password hash". > > A wild guess,... > > > > But the question remains, how to prevent this from happening ? > > > Running on a Solaris 9 > > > Ideas welcome. > > > TIA >
Found a solution: Users can still explicitly change their password by using <username>@<sambaserver> on their client PC, but the Lanmanager password has field doesn't get "zeroed" out by a bunch of XXXXXXXXXXXXX.... Look here: http://www.troubleshooters.com/linux/win9x_samba.htm Needed smb.conf entry's: lanman auth = Yes client lanman auth = Yes client plaintext auth = Yes Default behaviour changed during/after Samba version 3.2.0. If anyone knows how to block users explicitly changing their password via the client PC, would be a plus. Any takers ? my 2 cents TIA -------------------------- Brussels University Pleinlaan 2 Computer Center VUB/ULB (VUBnet) Ing. Robert Jansen B-1050 Brussels Belgium (Europe) email: [email protected] Tel: +32-2-650.36.94 Secr: +32-2-650.37.38 Fax: +32-2-650.37.40 -------------------------- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
