[GLLUG] Samba + Linux, FreeBSD, and (sigh) Windows

Mon Nov 3 18:10:23 EST 2003

You could always make the user enter the password by not specifying it
on the command line.  Here is a batch file I use to log into a separate
domain that I use frequently.  It's only accessible via VPN, hence the
pings, but it handles most of the common logon issues that 'NET USE'
doesn't.

--- cut ---

@echo off
set count=1
color 0b
ping 10.0.100.8	
ping -n 1 -w 2000 10.0.100.8 2>&1 | findstr /C:"Reply from" >nul 2>&1
if errorlevel 1 goto Fail
:Success
net use x: /delete
net use x: \\10.0.100.8\Shares /user:PaulM *
if errorlevel 1 goto Login
goto End
:Login
echo Unable to login to the server.
echo Check your password and try again.
echo.
if "%count%" == "3" (
   goto Failed
)
set /a count=%count%+1 >nul
pause
goto Success
:Fail
echo Unable to communicate with server.
echo Are you sure that you are connected to that network?
echo.
pause
goto End
:Failed
echo Unable to log in to the server.
echo (Was CAPSLOCK on?)
echo Check username and password and try again.
echo.
pause
goto End
:End

-- paste --

PaulM

-----Original Message-----
From: C. Ulrich [mailto:dincht at securenym.net]
Sent: Monday, November 03, 2003 4:58 PM
To: Melson, Paul
Cc: GLLUG
Subject: RE: [GLLUG] Samba + Linux, FreeBSD, and (sigh) Windows

On Mon, 2003-11-03 at 07:33, Melson, Paul wrote:
> First, I apologize if this gets all HTML-ized.  I'm using OWA 
> and can't do anything about it.

No problem. Normally, Evolution will wrap automatically if I select
Format -> Wrap Lines, but it wasn't working for me, so I did it by hand.
:P

> The short answer is yes, as long as you're not worried about 
> passwords being stored in plain text.  NT/2K/XP/2K3 all 
> operate under the assumption of cached credentials.  Whatever
> you logged in to the local machine with is what it will want
> to use to authenticate to anything on the network (and
> sometimes the Internet if you let it - ewww!).
> Anyway, the syntax is pretty simple:
>  
> NET USE F: \\[host-or-ip]\[share] /user:[username] [password]
>  
> If you don't specify a drive letter, it will automatically
> pick the next available.  You can also add '/persistent:yes'
> to make Windows remember this share.  However, it won't
> remember the credentials, and Windows will prompt the user
> the next time they try and open the drive (after the locally
> cached credentials fail, I believe).
> Hope that helps!
>  
> PaulM

This basically looks like a command-line version of the same thing that
I was doing in the GUI. So I guess the only way to do what I want to do
is create a batch file or something that gets run on each logon. I don't
relish the idea of storing the password in plaintext (even in a
Windows-encrypted file), but maybe I can hack up a quick program to at
least obfusicate it like FreeBSD's "smbutil crypt" does.

...Found the source for the "simplecrypt" algorithm from FreeBSD's smbfs
and it looks like I won't have to do much of anything to make it work
under Windows. Yes, I like making work for myself. Thanks, Paul!

Charles Ulrich