Bug 478741 - LanMan password functionality broken in Samba 3.2.5
Summary: LanMan password functionality broken in Samba 3.2.5
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Fedora
Classification: Fedora
Component: samba
Version: 10
Hardware: i686
OS: Linux
low
medium
Target Milestone: ---
Assignee: Simo Sorce
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
 
Reported: 2009-01-04 14:50 UTC by Max E
Modified: 2009-01-04 17:07 UTC (History)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2009-01-04 17:07:40 UTC
Type: ---
Embargoed:



Description Max E 2009-01-04 14:50:40 UTC
Description of problem:

Upgraded from Fedora 7 to Fedora 10 (fresh install) the other day.  All seems to work except Samba connectivity.  I have an elderly LanMan client (not upgradeable - although this might be resolved soon) that I need to connect to the Samba server.  Samba 3.0.25 (f7) worked correctly with this client (RiscOS Lanman98 client version 1.21), but Samba 3.2.5 seems to stop this connectivity from working.  I copied the exact smb.conf file from 3.0.25 to 3.2.5 and testparm does not have any problems with it.

For the record, Windows XP and other Linux machines do not have any problems connecting to the shares.

Version-Release number of selected component (if applicable):

Samba3.2.5-0.23.fc10

How reproducible:

Every time

Steps to Reproduce:

1. Lanman98 client tries to connect to the Linux server
2. Lanman98 client produces 'Access denied' error message
  
Actual results:

I turned up the logging to Level 3 on the server.  

[2009/01/04 14:33:55,  3] smbd/process.c:process_smb(1549)
  Transaction 0 of length 197 (0 toread)
[2009/01/04 14:33:55,  3] smbd/process.c:switch_message(1361)
  switch message SMBnegprot (pid 10124) conn 0x0
[2009/01/04 14:33:55,  3] smbd/sec_ctx.c:set_sec_ctx(324)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2009/01/04 14:33:55,  3] smbd/negprot.c:reply_negprot(568)
  Requested protocol [PC NETWORK PROGRAM 1.0]
[2009/01/04 14:33:55,  3] smbd/negprot.c:reply_negprot(568)
  Requested protocol [PCLAN1.0]
[2009/01/04 14:33:55,  3] smbd/negprot.c:reply_negprot(568)
  Requested protocol [MICROSOFT NETWORKS 1.03]
[2009/01/04 14:33:55,  3] smbd/negprot.c:reply_negprot(568)
  Requested protocol [MICROSOFT NETWORKS 3.0]
[2009/01/04 14:33:55,  3] smbd/negprot.c:reply_negprot(568)
  Requested protocol [LANMAN1.0]
[2009/01/04 14:33:55,  3] smbd/negprot.c:reply_negprot(568)
  Requested protocol [LM1.2X002]
[2009/01/04 14:33:55,  3] smbd/negprot.c:reply_negprot(568)
  Requested protocol [DOS LM1.2X002]
[2009/01/04 14:33:55,  3] smbd/negprot.c:reply_negprot(568)
  Requested protocol [DOS LANMAN2.1]
[2009/01/04 14:33:55,  3] smbd/negprot.c:reply_negprot(568)
  Requested protocol [LANMAN2.1]
[2009/01/04 14:33:55,  3] smbd/negprot.c:reply_negprot(568)
  Requested protocol [NT LM 0.12]
[2009/01/04 14:33:55,  3] smbd/negprot.c:reply_nt1(373)
  not using SPNEGO
[2009/01/04 14:33:55,  3] smbd/negprot.c:reply_negprot(673)
  Selected protocol NT LM 0.12
[2009/01/04 14:33:55,  3] smbd/process.c:process_smb(1549)
  Transaction 1 of length 91 (0 toread)
[2009/01/04 14:33:55,  3] smbd/process.c:switch_message(1361)
  switch message SMBsesssetupX (pid 10124) conn 0x0
[2009/01/04 14:33:55,  3] smbd/sec_ctx.c:set_sec_ctx(324)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2009/01/04 14:33:55,  3] smbd/sesssetup.c:reply_sesssetup_and_X(1409)
  wct=13 flg2=0x1
[2009/01/04 14:33:55,  3] smbd/sesssetup.c:reply_sesssetup_and_X(1608)
  Domain=[]  NativeOS=[RiscOS] NativeLanMan=[CIFS] PrimaryDomain=[null]
[2009/01/04 14:33:55,  3] smbd/sesssetup.c:reply_sesssetup_and_X(1624)
  sesssetupX:name=[]\[peter]@[virtualriscpc]
[2009/01/04 14:33:55,  3] auth/auth.c:check_ntlm_password(220)
  check_ntlm_password:  Checking password for unmapped user []\[peter]@[virtualriscpc] with the new password interface
[2009/01/04 14:33:55,  3] auth/auth.c:check_ntlm_password(223)
  check_ntlm_password:  mapped user is: [ISIS]\[peter]@[virtualriscpc]
[2009/01/04 14:33:55,  3] smbd/sec_ctx.c:push_sec_ctx(224)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2009/01/04 14:33:55,  3] smbd/uid.c:push_conn_ctx(357)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2009/01/04 14:33:55,  3] smbd/sec_ctx.c:set_sec_ctx(324)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/01/04 14:33:55,  3] smbd/sec_ctx.c:push_sec_ctx(224)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
[2009/01/04 14:33:55,  3] smbd/uid.c:push_conn_ctx(357)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 1
[2009/01/04 14:33:55,  3] smbd/sec_ctx.c:set_sec_ctx(324)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2009/01/04 14:33:55,  3] smbd/sec_ctx.c:pop_sec_ctx(432)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/01/04 14:33:55,  3] smbd/sec_ctx.c:push_sec_ctx(224)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
[2009/01/04 14:33:55,  3] smbd/uid.c:push_conn_ctx(357)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 1
[2009/01/04 14:33:55,  3] smbd/sec_ctx.c:set_sec_ctx(324)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2009/01/04 14:33:55,  3] smbd/sec_ctx.c:pop_sec_ctx(432)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/01/04 14:33:55,  3] smbd/sec_ctx.c:push_sec_ctx(224)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
[2009/01/04 14:33:55,  3] smbd/uid.c:push_conn_ctx(357)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 1
[2009/01/04 14:33:55,  3] smbd/sec_ctx.c:set_sec_ctx(324)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2009/01/04 14:33:55,  3] smbd/sec_ctx.c:pop_sec_ctx(432)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/01/04 14:33:55,  3] smbd/sec_ctx.c:pop_sec_ctx(432)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2009/01/04 14:33:55,  3] libsmb/ntlm_check.c:ntlm_password_check(457)
  ntlm_password_check: LM password, NT MD4 password in LM field and LMv2 failed for user peter
[2009/01/04 14:33:55,  2] auth/auth.c:check_ntlm_password(318)
  check_ntlm_password:  Authentication for user [peter] -> [peter] FAILED with error NT_STATUS_WRONG_PASSWORD
[2009/01/04 14:33:55,  3] smbd/error.c:error_packet_set(80)
  error packet at smbd/sesssetup.c(1725) cmd=115 (SMBsesssetupX) eclass=1 ecode=5
[2009/01/04 14:33:55,  3] smbd/process.c:smbd_process(2035)
  receive_message_or_smb failed: NT_STATUS_END_OF_FILE, exiting
[2009/01/04 14:33:55,  3] smbd/sec_ctx.c:set_sec_ctx(324)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2009/01/04 14:33:55,  3] smbd/connection.c:yield_connection(31)
  Yielding connection to 
[2009/01/04 14:33:55,  3] smbd/server.c:exit_server_common(945)
  Server exit (normal exit)


****************************
The correct users are added into smbpasswd

$ pdbedit -L
peter:500:peter
commonuser:502:commonuser

smbpasswd has usernames etc

peter:500:XXXXXXXXXXXXXXXXXXXXXXXXXX:75316B38D5E42982788491CD7C169D0C:[U          ]:LCT-49603:
commonuser:502:XXXXXXXXXXXXXXXXXXXXXXX:75316B38D5E42982788491CD7C169D0C:[U          ]:LCT-4960B:

(I've changed some of the output for this report, but it is all there)

/etc/passwd also shows the above users at the correct UID too.

Testparm shows the following (the all important lanman auth and client lanman auth are in there):

[global]
	workgroup = Workgroup
	server string = Samba Server
	smb passwd file = /etc/samba/smbpasswd
	lanman auth = Yes
	client lanman auth = Yes
	log level = 3
	log file = /var/log/samba/log.%m
	max log size = 50
	add user script = /usr/sbin/useradd "%u" -n -g users
	add group script = /usr/sbin/groupadd "%g"
	os level = 33
	preferred master = Yes
	local master = No
	domain master = Yes

[peter]
	comment = Peter's Share
	path = /home/peter/riscos
	valid users = peter
	write list = peter
	read only = No

[commonuser]
	comment = General Shared Area
	path = /home/commonuser/
	valid users = commonuser
	write list = commonuser
	read only = No

Expected results:

Lanman client should connect to Samba correctly.

Additional info:

I've tried everything I can think of...hence my bug report.  I have also referenced http://forums.opensuse.org/network-internet/394589-client-98-does-not-work-samba.html  - which seems closest to the problem I am having.

Comment 1 Simo Sorce 2009-01-04 17:07:40 UTC
Lanman auth is disabled by default in samba 3.2.x, see smb.conf and the "lanman auth" option. (and read why it has been disabled by default)

You also have to enable the lanman password, which is currently empty (all the X in the first hash).
Last but not least, change all the passwords you attached here: the LM and NT hashes are clear text equivalents, so you have just surrendered the password that you have for both peter and commonuser.
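
An added example, not part of the original report and not Samba code: a Python check over smbpasswd-style lines that flags accounts with no stored LM hash (the condition Comment 1 points to), flags accounts that share an NT hash, and replaces both hash fields with set/unset markers before the lines are shared. The sample entries, hash values and function names are constructed for illustration.

```python
import re

# Constructed sample in the smbpasswd file layout shown above; hashes are made up.
SAMPLE = (
    "alice:1000:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:"
    "00112233445566778899AABBCCDDEEFF:[U          ]:LCT-00000001:\n"
    "bob:1001:0F0E0D0C0B0A09080706050403020100:"
    "00112233445566778899AABBCCDDEEFF:[U          ]:LCT-00000002:\n"
)

HEX32 = re.compile(r"[0-9A-Fa-f]{32}")  # a real hash is exactly 32 hex digits


def parse(text):
    """Yield (user, uid, lm, nt, rest) for each well-formed entry."""
    for line in text.splitlines():
        fields = line.split(":")
        if line.startswith("#") or len(fields) < 6:
            continue
        yield fields[0], fields[1], fields[2], fields[3], fields[4:]


def audit(text):
    """Return findings relevant to LanMan logons and password reuse."""
    findings, by_nt = [], {}
    for user, _uid, lm, nt, _rest in parse(text):
        if HEX32.fullmatch(lm):
            findings.append((user, "LM hash stored"))
        else:
            findings.append((user, "no LM hash: LanMan-only logon will fail"))
        if HEX32.fullmatch(nt):
            by_nt.setdefault(nt.upper(), []).append(user)
    for users in by_nt.values():
        if len(users) > 1:
            findings.append(("+".join(users), "identical NT hash (same password)"))
    return findings


def redact(text):
    """Replace both hash fields with set/unset markers before sharing."""
    out = []
    for user, uid, lm, nt, rest in parse(text):
        lm_tag = "<LM set>" if HEX32.fullmatch(lm) else "<LM unset>"
        nt_tag = "<NT set>" if HEX32.fullmatch(nt) else "<NT unset>"
        out.append(":".join([user, uid, lm_tag, nt_tag] + rest))
    return "\n".join(out)


if __name__ == "__main__":
    for who, what in audit(SAMPLE):
        print(f"{who}: {what}")
    print(redact(SAMPLE))
```

The redacted output still shows whether each hash is present, which is the only detail a reader needs to diagnose this kind of failure.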

