samba - Oct 1999 - Problems with passwords (PR#20895) !!!!

Hello,
I reported problem PR#20895.
So - i use encrypted passwords. All new unix users are appended to
smbpasswd with one script.
Every new user is getting a line like this:
s1077347:2006:NO PASSWORDXXXXXXXXXXXXXXXXXXXXX:NO
PASSWORDXXXXXXXXXXXXXXXXXXXXX:[NU          ]:LCT-00000000:user name

The parameter null passwords is NO. Every user who has not set their
password can login into Samba NT Domain from NT ws with no password or
with any password. And now i discovered that users who has already SET
!!! their smbpasswords on the unix side with smbpasswd can also login
with a new password, with NO !!! password and with ANY !!! password.
Then i looked at all possible parameter in smbpasswd. there is a string
- :[NU        ]:
When there is NU, any user can login with any password, with no password
and with their smbpasswd password. Then i set instead of :[NU        ]:
just :[U         ], and than everything is working well. But ...
A new user is getting line with [NO_PASSWORD...]:[NU     ], because only
than a user can set his password on unix side with smbpasswd. When a new
user gets  [NO_PASSWORD...]:[U      ], than only ROOT !!! can set
smbpasswd for this user. It is not so comfortable to set smbpasswd as
root for 2000 users. Any ideas ?      
-- 
Have a nice day !

Tomek Jarosinski

On Wed, 27 Oct 1999 19:17:34 +1000, hai scritto:
>s1077347:2006:NO PASSWORDXXXXXXXXXXXXXXXXXXXXX:NO
>PASSWORDXXXXXXXXXXXXXXXXXXXXX:[NU          ]:LCT-00000000:user name
I have a user with
cdi:501:NO PASSWORDXXXXXXXXXXXXXXXXXXXXX:NO
PASSWORDXXXXXXXXXXXXXXXXXXXXX:[NU
      ]:LCT-37A698B2:

If from samba I do
smbclient '\\samba\not-cdi-owned-dir' -U cdi
fill in a random password
I'm rpesented with
smb>
but then I get
ERRDOS - ERRnoaccess (Access denied.) listing \*

Look at the samba log and see as which user the users are logging in.

-- 
giulioo@tiscalinet.it