RE: [Samba] Windows XP and plain text password
http://quics.qnx.com/cgi-bin/print_des.cgi?/usr/free/qnx4/tcpip/utils/+s amba-qnxbin-2.0.7.tgz You should also read the samba docs. Especially those concerning WinNT, Win98 and W2K where encrypted password negotiation is used by default. It's all explained in the docs how to revert back to clear-text negotiation. Basically you need to do some nasty registry hacking to achieve this. On the other hand, you could also enable encryption in samba. I've heard reports that this works with at least WinNT. (That's not a link to a file above, it's a link to a page with that text in it) If there is a way to do encpryted password, I would be serisously rock if it was found! :-) THANKS! --KM -Original Message- From: John H Terpstra [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 12, 2003 10:47 PM To: Kenny Mann Cc: Andrew Bartlett; ; Sacha HAEGELIN Subject: RE: [Samba] Windows XP and plain text password On Wed, 12 Mar 2003, Kenny Mann wrote: I have yet to find samba for QNX with encpryption nor do I have the time to port it. If perhaps you know of a location (and I have tried google, although only for a short search), I would be more than happy to listen however that is the only method that I know. BTW, IF someone enabled plaintextpassword's does that mean that ALL of there passwords are plaintext or just any that can't be encrpyted? Re-enabling plain text password support by the registry change does NOT disable encrypted password support at all. It just re-enables plain text based authentication. MS Windows clients do NOT cache the plain text password, only the encrypted password. So if you do not enable encrypted passwords on Samba then when the MS Windows client drops a connection and later tries to restore the connection, this later re-connect can only send the encrypted password which will fail if you do not have this enabled in samba. The result then will be a blue kiss of death screen on the client. To enable encrypted passwords in samba: In smb.conf [globals] put: encrypted password = Yes Then for each of your users: smbpasswd -a 'usern_name' For some time now samba compiles in encrypted password ability, you just need to enable it as per above. - John T. THANKS! --KM -Original Message- From: Andrew Bartlett [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 12, 2003 3:55 PM To: Kenny Mann Cc: John H Terpstra; Sacha HAEGELIN; [EMAIL PROTECTED] Subject: RE: [Samba] Windows XP and plain text password On Thu, 2003-03-13 at 05:01, Kenny Mann wrote: Samba built for OS's such as QNX do not have the encryption capability. You must have plain text turned on. Perhaps he is in the same position. Why? It's certainly not a code-size issue, as there are much bigger parts of samba... It seems a pretty lame excuse for almost complete incompatibility with out-of-the-box installations. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Windows XP and plain text password
On Thu, 13 Mar 2003, Kenny Mann wrote: http://quics.qnx.com/cgi-bin/print_des.cgi?/usr/free/qnx4/tcpip/utils/+s amba-qnxbin-2.0.7.tgz 2.0.7 is way ancient - do you not have a more up to date version? In any case Samba has it's own crypto routines for MS Windows clients. Does your version have a binary called 'smbpasswd'? If so, then that is what you need to create the encrypted password database. Also, check the output of: testparm | grep encrypt If it has a line that says 'encrypt passwords' then it is most likely that your versions DOES have support for encrypted password handling. As I indicated, plain text password support in MS Windows products had most likely NOT been maintained since it was disabled by default. If you revert to plain text passwords you will almost certainly run into serious problems. - John T. You should also read the samba docs. Especially those concerning WinNT, Win98 and W2K where encrypted password negotiation is used by default. It's all explained in the docs how to revert back to clear-text negotiation. Basically you need to do some nasty registry hacking to achieve this. On the other hand, you could also enable encryption in samba. I've heard reports that this works with at least WinNT. (That's not a link to a file above, it's a link to a page with that text in it) If there is a way to do encpryted password, I would be serisously rock if it was found! :-) THANKS! --KM -Original Message- From: John H Terpstra [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 12, 2003 10:47 PM To: Kenny Mann Cc: Andrew Bartlett; ; Sacha HAEGELIN Subject: RE: [Samba] Windows XP and plain text password On Wed, 12 Mar 2003, Kenny Mann wrote: I have yet to find samba for QNX with encpryption nor do I have the time to port it. If perhaps you know of a location (and I have tried google, although only for a short search), I would be more than happy to listen however that is the only method that I know. BTW, IF someone enabled plaintextpassword's does that mean that ALL of there passwords are plaintext or just any that can't be encrpyted? Re-enabling plain text password support by the registry change does NOT disable encrypted password support at all. It just re-enables plain text based authentication. MS Windows clients do NOT cache the plain text password, only the encrypted password. So if you do not enable encrypted passwords on Samba then when the MS Windows client drops a connection and later tries to restore the connection, this later re-connect can only send the encrypted password which will fail if you do not have this enabled in samba. The result then will be a blue kiss of death screen on the client. To enable encrypted passwords in samba: In smb.conf [globals] put: encrypted password = Yes Then for each of your users: smbpasswd -a 'usern_name' For some time now samba compiles in encrypted password ability, you just need to enable it as per above. - John T. THANKS! --KM -Original Message- From: Andrew Bartlett [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 12, 2003 3:55 PM To: Kenny Mann Cc: John H Terpstra; Sacha HAEGELIN; [EMAIL PROTECTED] Subject: RE: [Samba] Windows XP and plain text password On Thu, 2003-03-13 at 05:01, Kenny Mann wrote: Samba built for OS's such as QNX do not have the encryption capability. You must have plain text turned on. Perhaps he is in the same position. Why? It's certainly not a code-size issue, as there are much bigger parts of samba... It seems a pretty lame excuse for almost complete incompatibility with out-of-the-box installations. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- John H Terpstra Email: [EMAIL PROTECTED] -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Windows XP and plain text password
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanworkstation\p arameters enableplaintextpassword --Kenny Mann -Original Message- From: Sacha HAEGELIN [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 12, 2003 8:28 AM To: [EMAIL PROTECTED] Subject: [Samba] Windows XP and plain text password Hello, Can you say me which is the key to add in the registry for Windows XP to Enable Plain Text Password? Best Regards -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows XP and plain text password
On Wed, 12 Mar 2003, Sacha HAEGELIN wrote: Hello, Can you say me which is the key to add in the registry for Windows XP to Enable Plain Text Password? Sacha, You obtained your answer, but why do you want to enable plain text passwords? I hope you are aware the plain text passwords and domain security do not work together. I recommend that you do NOT use plain text password handling as it is basically broken. - John T. -- John H Terpstra Email: [EMAIL PROTECTED]-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Windows XP and plain text password
Samba built for OS's such as QNX do not have the encryption capability. You must have plain text turned on. Perhaps he is in the same position. --KM -Original Message- From: John H Terpstra [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 12, 2003 11:08 AM To: Sacha HAEGELIN Cc: [EMAIL PROTECTED] Subject: Re: [Samba] Windows XP and plain text password On Wed, 12 Mar 2003, Sacha HAEGELIN wrote: Hello, Can you say me which is the key to add in the registry for Windows XP to Enable Plain Text Password? Sacha, You obtained your answer, but why do you want to enable plain text passwords? I hope you are aware the plain text passwords and domain security do not work together. I recommend that you do NOT use plain text password handling as it is basically broken. - John T. -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Windows XP and plain text password
On Thu, 2003-03-13 at 05:01, Kenny Mann wrote: Samba built for OS's such as QNX do not have the encryption capability. You must have plain text turned on. Perhaps he is in the same position. Why? It's certainly not a code-size issue, as there are much bigger parts of samba... It seems a pretty lame excuse for almost complete incompatibility with out-of-the-box installations. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Windows XP and plain text password
I have yet to find samba for QNX with encpryption nor do I have the time to port it. If perhaps you know of a location (and I have tried google, although only for a short search), I would be more than happy to listen however that is the only method that I know. BTW, IF someone enabled plaintextpassword's does that mean that ALL of there passwords are plaintext or just any that can't be encrpyted? THANKS! --KM -Original Message- From: Andrew Bartlett [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 12, 2003 3:55 PM To: Kenny Mann Cc: John H Terpstra; Sacha HAEGELIN; [EMAIL PROTECTED] Subject: RE: [Samba] Windows XP and plain text password On Thu, 2003-03-13 at 05:01, Kenny Mann wrote: Samba built for OS's such as QNX do not have the encryption capability. You must have plain text turned on. Perhaps he is in the same position. Why? It's certainly not a code-size issue, as there are much bigger parts of samba... It seems a pretty lame excuse for almost complete incompatibility with out-of-the-box installations. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Windows XP and plain text password
On Wed, 12 Mar 2003, Kenny Mann wrote: I have yet to find samba for QNX with encpryption nor do I have the time to port it. If perhaps you know of a location (and I have tried google, although only for a short search), I would be more than happy to listen however that is the only method that I know. BTW, IF someone enabled plaintextpassword's does that mean that ALL of there passwords are plaintext or just any that can't be encrpyted? Re-enabling plain text password support by the registry change does NOT disable encrypted password support at all. It just re-enables plain text based authentication. MS Windows clients do NOT cache the plain text password, only the encrypted password. So if you do not enable encrypted passwords on Samba then when the MS Windows client drops a connection and later tries to restore the connection, this later re-connect can only send the encrypted password which will fail if you do not have this enabled in samba. The result then will be a blue kiss of death screen on the client. To enable encrypted passwords in samba: In smb.conf [globals] put: encrypted password = Yes Then for each of your users: smbpasswd -a 'usern_name' For some time now samba compiles in encrypted password ability, you just need to enable it as per above. - John T. THANKS! --KM -Original Message- From: Andrew Bartlett [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 12, 2003 3:55 PM To: Kenny Mann Cc: John H Terpstra; Sacha HAEGELIN; [EMAIL PROTECTED] Subject: RE: [Samba] Windows XP and plain text password On Thu, 2003-03-13 at 05:01, Kenny Mann wrote: Samba built for OS's such as QNX do not have the encryption capability. You must have plain text turned on. Perhaps he is in the same position. Why? It's certainly not a code-size issue, as there are much bigger parts of samba... It seems a pretty lame excuse for almost complete incompatibility with out-of-the-box installations. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
