This is probably an FAQ, but my looking into the issue was unproductive. When connecting to a samba share from a win2000 professional machine, I get prompted for a password. Security is set to user on the samba machine. I reenter the same password as the local user that I login as, and then it accepts it. I'm not using encrypted passwords, but I have added the PlainTextPassword registry setting to the win2000 machine. Even when I have drives mapped upon login, the first drive always asks me to enter the password even though it's the same as the user's password. Is there anyway to fix this? -- Jon Mitchell Systems Engineer, Subject Wills & Company jrm@swc.com
Jon Mitchell wrote:> > This is probably an FAQ, but my looking into the issue was unproductive. > When connecting to a samba share from a win2000 professional machine, I > get prompted for a password. Security is set to user on the samba > machine. I reenter the same password as the local user that I login as, > and then it accepts it. > > I'm not using encrypted passwords, but I have added the PlainTextPassword > registry setting to the win2000 machine. Even when I have drives mapped > upon login, the first drive always asks me to enter the password even > though it's the same as the user's password. Is there anyway to fix this?Upgrading to Encrypted passwords ;-) This feature is by desing in Windows as sending your default credentials to any server unencrypted is a HUGE security risk. Imaging the case wher you have Computer A and Computer B. Both are untrusted by the other users. What you are wanting would go something like this User C has an administrator account on Computer A and a normal account on COmputer B. User C is clever and knows that if he uses the same password on both computers then D may be able to get access to his account on A User D only has an administrator account on computer B. User D is evil and wants an admin account on Computer A When User C logs on to A he maps a drive on Computer B. B is only using plaintext passwords. A sends Cs username to B A then sends Cs _LOGIN_ password to B unencrypted. (This is the wrong password) A the prompts C for his password to B. (A is then authenticated) But B can snoop the network and find out A's password for B and gain access to his machine there. This is a simplified version of what would happen if Windows did what you wanted. Without this B could only get A's password for D. (and every other computer that A connects to using plaintext passwords if A & B are on the same subnet) /James -- Technology is a word that describes something that doesn't work yet. Douglas Adams