summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2010-12-13 12:40:25 +1100
committerAndrew Bartlett <abartlet@samba.org>2010-12-14 01:10:21 +0100
commitd97492e42a65540febae93dd0255b91d034f9def (patch)
tree238d91b33c106ccff0c906b43dabfee77055d960 /source3
parentf974e68213177a1309d0fa3bf78221f7cac2127c (diff)
downloadsamba-d97492e42a65540febae93dd0255b91d034f9def.tar.gz
samba-d97492e42a65540febae93dd0255b91d034f9def.tar.bz2
samba-d97492e42a65540febae93dd0255b91d034f9def.zip
s3-libsmb Improve error message when denying LM encryption
Now that 'client ntlmv2 auth = yes' is the default, make it more clear what options a user may need to enable to get this to work. Andrew Bartlett
Diffstat (limited to 'source3')
-rw-r--r--source3/libsmb/cliconnect.c18
1 files changed, 9 insertions, 9 deletions
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index 65f6924a68..ec9ff58a17 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -1399,15 +1399,15 @@ NTSTATUS cli_session_setup(struct cli_state *cli,
if (cli->protocol < PROTOCOL_NT1) {
if (!lp_client_lanman_auth() && passlen != 24 && (*pass)) {
- DEBUG(1, ("Server requested LM password but 'client lanman auth'"
- " is disabled\n"));
+ DEBUG(1, ("Server requested LM password but 'client lanman auth = no'"
+ " or 'client ntlmv2 auth = yes'\n"));
return NT_STATUS_ACCESS_DENIED;
}
if ((cli->sec_mode & NEGOTIATE_SECURITY_CHALLENGE_RESPONSE) == 0 &&
!lp_client_plaintext_auth() && (*pass)) {
- DEBUG(1, ("Server requested plaintext password but "
- "'client plaintext auth' is disabled\n"));
+ DEBUG(1, ("Server requested LM password but 'client plaintext auth = no'"
+ " or 'client ntlmv2 auth = yes'\n"));
return NT_STATUS_ACCESS_DENIED;
}
@@ -1433,8 +1433,8 @@ NTSTATUS cli_session_setup(struct cli_state *cli,
if ((cli->sec_mode & NEGOTIATE_SECURITY_CHALLENGE_RESPONSE) == 0) {
if (!lp_client_plaintext_auth() && (*pass)) {
- DEBUG(1, ("Server requested plaintext password but "
- "'client plaintext auth' is disabled\n"));
+ DEBUG(1, ("Server requested LM password but 'client plaintext auth = no'"
+ " or 'client ntlmv2 auth = yes'\n"));
return NT_STATUS_ACCESS_DENIED;
}
return cli_session_setup_plaintext(cli, user, pass, workgroup);
@@ -1609,7 +1609,7 @@ struct tevent_req *cli_tcon_andx_create(TALLOC_CTX *mem_ctx,
if (!lp_client_lanman_auth()) {
DEBUG(1, ("Server requested LANMAN password "
"(share-level security) but "
- "'client lanman auth' is disabled\n"));
+ "'client lanman auth = no' or 'client ntlmv2 auth = yes'\n"));
goto access_denied;
}
@@ -1625,8 +1625,8 @@ struct tevent_req *cli_tcon_andx_create(TALLOC_CTX *mem_ctx,
== 0) {
if (!lp_client_plaintext_auth() && (*pass)) {
DEBUG(1, ("Server requested plaintext "
- "password but 'client plaintext "
- "auth' is disabled\n"));
+ "password but "
+ "'client lanman auth = no' or 'client ntlmv2 auth = yes'\n"));
goto access_denied;
}