Hi,
we finally bought our CIFS license. :)
FILER2> version NetApp Release 6.0.1R2: Fri Feb 9 01:12:44 PST 2001
We _don't_ intend to use a Domain Controller (do we have to?).
To the moment, and after some reading I face following problems:
- the indicated copy+paste of a crypted password from an unix server to the /vol/vol0/etc/passwd fails, I keep getting an NT_STATUS_WRONG_PASSWORD. If I delete the password field I can logon with no passwd;
- the "cifs passwd PASS" pasted into the password field in /vol/vol0/etc/passwd gives the same behavior as the previous;
- Any user can login as ANONYMOUS (even to the C$ share): smbclient //filer-2.nfs/C$/ -U idontexist -I filer-2.nfs [...] Anonymous login successful
TIA for you help.
Hi,
we finally bought our CIFS license. :)
FILER2> version NetApp Release 6.0.1R2: Fri Feb 9 01:12:44 PST 2001
We _don't_ intend to use a Domain Controller (do we have to?).
To the moment, and after some reading I face following problems:
the indicated copy+paste of a crypted password from an unix server to the /vol/vol0/etc/passwd fails, I keep getting an NT_STATUS_WRONG_PASSWORD. If I delete the password field I can logon with no passwd;
the "cifs passwd PASS" pasted into the password field in /vol/vol0/etc/passwd gives the same behavior as the previous;
Any user can login as ANONYMOUS (even to the C$ share): smbclient //filer-2.nfs/C$/ -U idontexist -I filer-2.nfs [...] Anonymous login successful
TIA for you help.
When you ran cifs setup, did you select unix password authentication?
In the /vol/vol0/etc/passwd file, the filer expects the standard unix 13 character encrypted password string. Linux /etc/shadow uses a longer md5 hash of some sort and this doesn't work. If you don't have a file with the 13 character strings, then you can generate them yourself with perl like this:
$cleartext="mypasswd"; $salt="Xy"; $encrypted = crypt($cleartext, $salt); print("$encrypted\n");
$salt is any two characters chosen from these 64 characters:
ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789./
Steve Losen scl@virginia.edu phone: 434-924-0640
University of Virginia ITC Unix Support
Words by Steve Losen [Wed, Apr 17, 2002 at 11:53:48AM -0400]:
Hi,
we finally bought our CIFS license. :)
FILER2> version NetApp Release 6.0.1R2: Fri Feb 9 01:12:44 PST 2001
We _don't_ intend to use a Domain Controller (do we have to?).
To the moment, and after some reading I face following problems:
the indicated copy+paste of a crypted password from an unix server to the /vol/vol0/etc/passwd fails, I keep getting an NT_STATUS_WRONG_PASSWORD. If I delete the password field I can logon with no passwd;
the "cifs passwd PASS" pasted into the password field in /vol/vol0/etc/passwd gives the same behavior as the previous;
Any user can login as ANONYMOUS (even to the C$ share): smbclient //filer-2.nfs/C$/ -U idontexist -I filer-2.nfs [...] Anonymous login successful
TIA for you help.
When you ran cifs setup, did you select unix password authentication?
You're talking about
" This filer is currently configured as a Multiprotocol filer. Do you want to configure this filer as a NTFS-only filer? [no]: no "
and
" Will this filer use an NT Domain for authentication? [yes]:no "
right?
In the /vol/vol0/etc/passwd file, the filer expects the standard unix 13 character encrypted password string. Linux /etc/shadow uses a longer md5 hash of some sort and this doesn't work. If you don't have a file with the 13 character strings, then you can generate them yourself with perl like this:
$cleartext="mypasswd"; $salt="Xy"; $encrypted = crypt($cleartext, $salt); print("$encrypted\n");
$salt is any two characters chosen from these 64 characters:
ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789./
I tried with a BSD passwd also, I thought MD5 would work.
But shouldn't cifs passwd PASS give you such a password?
And is there any way to disable ANONYMOUS access?
Is the etc/passwd active as soon as I change it? I heard of a need-to-reebot-to-take-effect bug regarding CIFS and changes to etc/passwd.
Steve Losen scl@virginia.edu phone: 434-924-0640
University of Virginia ITC Unix Support
-
Jose Celestino -
Steve Losen