samba - Oct 2003 - urgent help needed! pam_smb auth any password...

Hello all,

I need *urgent* help with this one!

I have a samba 3.0 server which auths on mysql, the confs are the following:
[global]
netbios name = AUTH
workgroup = COMPANY
security = user
domain logons = yes
domain master = yes
local master = yes
os level = 69
passdb backend = mysql:mysql
mysql:mysql host = 192.168.1.1
mysql:mysql user = samba
mysql:mysql password = whocares
mysql:mysql database = samba

domain logons = yes
logon script=/home/samba/netlogon/todos.bat %U
name resolve order = host wins lmhosts bcast
wins support = yes
dns proxy = yes

logon pathlogon home
[netlogon]
comment = Network Logon Service
path = /home/samba/netlogon
guest ok = yes
writable = no
share modes = no

All the other samba servers auth nicely on samba 3.0, and im able to logon the
domain, but...
when i try to auth an account with pam_smb, i can ALLWAYS connect!

It accepts ANY login/password pair!

I read the pam_smb "warning" which said:
This version contains a bug-fix that stops pam_smb from authenticating 
against servers in share mode i.e. Win 95 or samba in share mode.
If you had a share mode server by mistake in your pam_smb.conf
anyone could log in to any a/c on your machine with no password !!!

I allready installed this version...and checked the code and it doesnt seem to
do no good.

Can anybody help me with this?

My pam_smb version is 1.1.7

Thanks in advance,
+-----------------------------------------
| Lu?s Miguel Silva
| Network Administrator@ ISPGaya.pt
| Rua Ant?nio Rodrigues da Rocha, 291/341 
| Sto. Ov?dio ? 4400-025 V. N. de Gaia
| Portugal
| T: +351 22 3745730/3/5  F: +351 22 3745738
| G: +351 93 6371253      E: lms@ispgaya.pt
| H: http://lms.ispgaya.pt/
+-----------------------------------------

On Wed, 2003-10-08 at 14:50, Lu?s Miguel Silva wrote:
> Hello all,
> 
> I need *urgent* help with this one!
> 
> I have a samba 3.0 server which auths on mysql, the confs are the
following:
> [global]
> netbios name = AUTH
> workgroup = COMPANY
> security = user
> domain logons = yes
> domain master = yes
> local master = yes
> os level = 69
> passdb backend = mysql:mysql
> mysql:mysql host = 192.168.1.1
> mysql:mysql user = samba
> mysql:mysql password = whocares
> mysql:mysql database = samba
> 
> domain logons = yes
> logon script=/home/samba/netlogon/todos.bat %U
> name resolve order = host wins lmhosts bcast
> wins support = yes
> dns proxy = yes
> 
> logon path> logon home> 
> [netlogon]
> comment = Network Logon Service
> path = /home/samba/netlogon
> guest ok = yes
> writable = no
> share modes = no
> 
> All the other samba servers auth nicely on samba 3.0, and im able to logon
the domain, but...
> when i try to auth an account with pam_smb, i can ALLWAYS connect!
> 
> It accepts ANY login/password pair!
> 
> I read the pam_smb "warning" which said:
> This version contains a bug-fix that stops pam_smb from authenticating 
> against servers in share mode i.e. Win 95 or samba in share mode.
> If you had a share mode server by mistake in your pam_smb.conf
> anyone could log in to any a/c on your machine with no password !!!
> 
> I allready installed this version...and checked the code and it doesnt seem
to do no good.
> 
> Can anybody help me with this?
> 
> My pam_smb version is 1.1.7
pam_smb is not a module from Samba, so you probably would have a better
response at the pam_smb mailinglist.

Jelmer

--
Jelmer Vernooij  - http://jelmer.vernstok.nl/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :
http://lists.samba.org/archive/samba/attachments/20031008/f3d7a7a9/attachment.bin