mirror of
https://github.com/samba-team/samba.git
synced 2025-03-08 04:58:40 +03:00
JHT ===> Added instructions for Windows 95 encrypted password change.
(This used to be commit 422e55092f01505ba616ff9e03e36592bb66866b)
This commit is contained in:
John Terpstra
parent
800a28df41
commit
335959b977
@ -17,7 +17,7 @@ and the "PROS and CONS" section.
|
||||
How does it work ?
|
||||
------------------
|
||||
|
||||
LanManager encryption is somewhat similar to UNIX password
|
||||
LanManager encryption is somewhat similar to UNIX password
|
||||
encryption. The server uses a file containing a hashed value of a
|
||||
users password. This is created by taking the users paintext
|
||||
password, capitalising it, and either truncating to 14 bytes (or
|
||||
@ -26,7 +26,7 @@ two 56 bit DES keys to encrypt a 'magic' eight byte value, forming a
|
||||
16 byte value which is stored by the server and client. Let this value
|
||||
be known as the *hashed password*.
|
||||
|
||||
Windows NT encryption is a higher quality mechanism, consisting
|
||||
Windows NT encryption is a higher quality mechanism, consisting
|
||||
of doing an MD4 hash on a Unicode version of the users password. This
|
||||
also produces a 16 byte hash value that is non-reversible.
|
||||
|
||||
@ -129,7 +129,7 @@ details on how to do this.
|
||||
The smbpasswd file.
|
||||
-------------------
|
||||
|
||||
In order for Samba to participate in the above protocol it must
|
||||
In order for Samba to participate in the above protocol it must
|
||||
be able to look up the 16 byte hashed values given a user name.
|
||||
Unfortunately, as the UNIX password value is also a one way hash
|
||||
function (ie. it is impossible to retrieve the cleartext of the users
|
||||
@ -214,7 +214,7 @@ normal unix /etc/passwd file.
|
||||
The smbpasswd Command.
|
||||
----------------------
|
||||
|
||||
The smbpasswd command maintains the two 32 byte password fields in
|
||||
The smbpasswd command maintains the two 32 byte password fields in
|
||||
the smbpasswd file. If you wish to make it similar to the unix passwd
|
||||
or yppasswd programs, install it in /usr/local/samba/bin (or your main
|
||||
Samba binary directory) and make it setuid root.
|
||||
|
||||
71
docs/textdocs/Win95.txt
Normal file
71
docs/textdocs/Win95.txt
Normal file
@ -0,0 +1,71 @@
|
||||
Copyright (C) 1997 - Samba-Team
|
||||
Contributed Date: August 20, 1997
|
||||
Last Update: August 20, 1997
|
||||
|
||||
Subject: Windows 95 and Samba Interoperability
|
||||
===============================================================================
|
||||
|
||||
Password Handling:
|
||||
------------------
|
||||
Microsoft periodically release updates to all their operating systems. Some of
|
||||
these are welcomed while others cause us to change the way we do things. Few
|
||||
people like change, particularly if the change is unexpected. The best advice
|
||||
always is to read the documentation provided BEFORE applying an update.
|
||||
|
||||
One of the recent Win95 updates (VRDRUPD.EXE) disables plain text (also called
|
||||
clear text) password authentication. The effects of this updates are desirable
|
||||
where MS Windows NT is providing the password authentication service. This
|
||||
update is most undesirable where Samba must provide the authentication service
|
||||
unless Samba has been specifically configured to use encrypted passwords _AND_
|
||||
has been linked with the libdes library.
|
||||
|
||||
If the above conditions have not been complied with, and you are using Samba,
|
||||
then Windows 95 clients will NOT be able to authenticate to a Samba server.
|
||||
|
||||
To re-enable plain text password capabilities AFTER applying this update
|
||||
you must create a new value in the Windows 95 registry.
|
||||
|
||||
Procedure:
|
||||
1) Launch the Registry Editor as follows:
|
||||
Click on: /Start/Run
|
||||
Type "regedit" and press enter.
|
||||
|
||||
2) Double click on: HKEY_LOCAL_MACHINE
|
||||
|
||||
3) Locate the following Key:
|
||||
/HKEY_LOCAL_MACHINE/System/CurrentControlSet/Services/VxD/VNETSUP
|
||||
|
||||
4) From the menu bar select Edit/New/DWORD Value
|
||||
|
||||
5) Rename the entry from "New Value #1" to:
|
||||
EnablePlainTextPassword
|
||||
|
||||
6) Press Enter, then double click on the new entry.
|
||||
A dialog box will pop up and enable you to set a value.
|
||||
You must set this value to 1.
|
||||
|
||||
-------------------------------------------------------------------------------
|
||||
|
||||
Windows 95 Updates:
|
||||
-------------------
|
||||
When using Windows 95 OEM SR2 the following updates are recommended where Samba
|
||||
is being used. Please NOTE that the above change will affect you once these
|
||||
updates have been installed.
|
||||
|
||||
There are more updates than the ones mentioned here. You are referred to the
|
||||
Microsoft Web site for all currently available updates to your specific version
|
||||
of Windows 95.
|
||||
|
||||
Kernel Update: KRNLUPD.EXE
|
||||
Ping Fix: PINGUPD.EXE
|
||||
RPC Update: RPCRTUPD.EXE
|
||||
TCP/IP Update: VIPUPD.EXE
|
||||
Redirector Update: VRDRUPD.EXE
|
||||
|
||||
Also, if using MS OutLook it is desirable to install the OLEUPD.EXE fix. This
|
||||
fix may stop your machine from hanging for an extended period when exiting
|
||||
OutLook and you may also notice a significant speedup when accessing network
|
||||
neighborhood services.
|
||||
|
||||
-------------------------------------------------------------------------------
|
||||
The above password information was provided by: Jochen Huppertz <jhu@nrh.de>
|
||||
Loading…
x
Reference in New Issue
Block a user