JFreeman@cornell-iowa.edu
2000-Nov-18 18:04 UTC
Refusal to authenticate users with user names that are substrings of others
I haven't seen any reference to this problem in my search of the archives. I have a user that samba will not authentication as a valid user. I have been able to recreate the problem as follows: We are running our samba server using NT authentication (server=domain). We use a script to create the UNIX account when a new user hits the system for the first time. Now suppose a new user n-abcdef is created in the NT PDC and that users accesses the samba server. The new user script is run and everything works as expected. Later a user n-abcd is created on the NT side. When that user tries to access the server, she is refused access with an invalid password error (error code in log file was :smbd/passwd.cLdomain_client_validate(1369) domain_client_validate: unable to validate password for user n-abcd in domain XXXX to Domain controller XX. Error was NT_STATUS_WRONG_PASSWORD.) It would appear to me that the password for n-abcd is being checked against the password for n-abcdef. I haven't seen this error listed in the bug fixes for different versions of 2.0.x. Has anyone else seen it and/or is this a configuration error on my part. Thanks in advance. Jim ------ James Freeman, Ph.D. Professor of Mathematics