g r o t t o 1 1

Peeve Farm
Breeding peeves for show, not just to keep as pets 
  Blog \Blôg\, n. [Jrg, fr. Jrg. "Web-log".
     See {Blogger, BlogSpot, LiveJournal}.]
     A stream-of-consciousness Web journal, containing
     links, commentary, and pointless drivel.

On My Blog Menu:

InstaPundit
USS Clueless
James Lileks
Little Green Footballs
As the Apple Turns
Entropicana
Cold Fury
Capitalist Lion
Red Letter Day
Eric S. Raymond
Tal G in Jerusalem
Secular Islam
Aziz Poonawalla
Corsair the Rational Pirate
.clue

« ? Blogging Brians # »





Book Plug:

Buy it and I get
money. I think.
BSD Mall



 10/6/2003 -  10/8/2003
 9/29/2003 -  10/5/2003
 9/22/2003 -  9/28/2003
 9/15/2003 -  9/21/2003
  9/8/2003 -  9/14/2003
  9/1/2003 -   9/7/2003
 8/25/2003 -  8/31/2003
 8/18/2003 -  8/24/2003
 8/11/2003 -  8/17/2003
  8/4/2003 -  8/10/2003
 7/28/2003 -   8/3/2003
 7/21/2003 -  7/27/2003
 7/14/2003 -  7/20/2003
  7/7/2003 -  7/13/2003
 6/30/2003 -   7/6/2003
 6/23/2003 -  6/29/2003
 6/16/2003 -  6/22/2003
  6/9/2003 -  6/15/2003
  6/2/2003 -   6/8/2003
 5/26/2003 -   6/1/2003
 5/19/2003 -  5/25/2003
 5/12/2003 -  5/18/2003
  5/5/2003 -  5/11/2003
 4/28/2003 -   5/4/2003
 4/21/2003 -  4/27/2003
 4/14/2003 -  4/20/2003
  4/7/2003 -  4/13/2003
 3/31/2003 -   4/6/2003
 3/24/2003 -  3/30/2003
 3/17/2003 -  3/23/2003
 3/10/2003 -  3/16/2003
  3/3/2003 -   3/9/2003
 2/24/2003 -   3/2/2003
 2/17/2003 -  2/23/2003
 2/10/2003 -  2/16/2003
  2/3/2003 -   2/9/2003
 1/27/2003 -   2/2/2003
 1/20/2003 -  1/26/2003
 1/13/2003 -  1/19/2003
  1/6/2003 -  1/12/2003
12/30/2002 -   1/5/2003
12/23/2002 - 12/29/2002
12/16/2002 - 12/22/2002
 12/9/2002 - 12/15/2002
 12/2/2002 -  12/8/2002
11/25/2002 -  12/1/2002
11/18/2002 - 11/24/2002
11/11/2002 - 11/17/2002
 11/4/2002 - 11/10/2002
10/28/2002 -  11/3/2002
10/21/2002 - 10/27/2002
10/14/2002 - 10/20/2002
 10/7/2002 - 10/13/2002
 9/30/2002 -  10/6/2002
 9/23/2002 -  9/29/2002
 9/16/2002 -  9/22/2002
  9/9/2002 -  9/15/2002
  9/2/2002 -   9/8/2002
 8/26/2002 -   9/1/2002
 8/19/2002 -  8/25/2002
 8/12/2002 -  8/18/2002
  8/5/2002 -  8/11/2002
 7/29/2002 -   8/4/2002
 7/22/2002 -  7/28/2002
 7/15/2002 -  7/21/2002
  7/8/2002 -  7/14/2002
  7/1/2002 -   7/7/2002
 6/24/2002 -  6/30/2002
 6/17/2002 -  6/23/2002
 6/10/2002 -  6/16/2002
  6/3/2002 -   6/9/2002
 5/27/2002 -   6/2/2002
 5/20/2002 -  5/26/2002
 5/13/2002 -  5/19/2002
  5/6/2002 -  5/12/2002
 4/29/2002 -   5/5/2002
 4/22/2002 -  4/28/2002
 4/15/2002 -  4/21/2002
  4/8/2002 -  4/14/2002
  4/1/2002 -   4/7/2002
 3/25/2002 -  3/31/2002
 3/18/2002 -  3/24/2002
 3/11/2002 -  3/17/2002
  3/4/2002 -  3/10/2002
 2/25/2002 -   3/3/2002
 2/18/2002 -  2/24/2002
 2/11/2002 -  2/17/2002
  2/4/2002 -  2/10/2002
 1/28/2002 -   2/3/2002
 1/21/2002 -  1/27/2002
 1/14/2002 -  1/20/2002
  1/7/2002 -  1/13/2002
12/31/2001 -   1/6/2002
12/24/2001 - 12/30/2001
12/17/2001 - 12/23/2001
Tuesday, September 3, 2002
19:27 - Windows Cretinism of the Day

 (top) link
The rapidly forming Mac Cabal here at work just spent the past hour or so getting our Jaguar machines to behave as Windows SMB file servers on the corporate network. (See, 'cause we can do that now.) But it's not a straightforward process, or at least not as straightforward as it should be, because of a pseudo-bug in the upgrade process that's probably one of those things that they couldn't have managed any more smoothly than they did. Though they could certainly have documented it better. Like, at all.

See, here's how it goes. Mac OS X 10.2 now runs an SMB server (Samba, yes). Because this is a Windows file server, it has to keep user passwords in its equivalent of the Windows password database. When you create a new user or change your password in 10.2, it updates the encrypted password in both the OS X NetInfo database and the SMB password hash file. That's all well and good.

But what about machines that have been running OS versions prior to 10.2-- users that were created in older versions that didn't have Samba? Well, there's no SMB password file-- and there's really no way to create one, because the passwords are encrypted. The only way to create an SMB password file, seeded with the existing user passwords, is to have them re-entered in cleartext by a live human. This means that existing OS X users who have just upgraded to 10.2 must change their password (or at least refresh it by changing it to the same thing) in order to generate the SMB password file, before they can connect to their Mac from a Windows machine.

(For those curious-- just go to Accounts->Edit User, then enter your password in the "Current Password" field and press Return. This authenticates you to use all the rest of the fields on that screen. Turn on the "Allow user to log in from Windows" checkbox, and re-enter your password twice in the "New Password" boxes, and press OK. Then you can use \\ip-address in Windows to connect to your Mac, where you will get full access to the home directory of the user you just enabled. Or so goes the theory.)

It took us the better part of an hour, fiddling and tweaking and prowling the message boards and trying every combination of usernames and backslashes and forward slashes and caps/lowercase that we could think of; but at the end, after we'd figured out the trick to it and given all our machines' primary accounts the necessary refresher procedure, we were all ready to connect-- it was all set up to Windows' satisfaction, at last.

But beware the creeping Windows-ism! Our path toward discovering the light of truth was blocked by something in Windows itself that leaves us bewildered and scratching our heads, even after getting past Jaguar's unfortunate stitch-in-the-side. This is that if you try to log in multiple times from a Windows box, and you repeatedly fail (like more than three times), you will get a dialog box that immediately says "This account has been disabled".

This is on the client side.

That's right: If you're on a Windows box, and you try to log in to the same server more than three times, giving an invalid password (or otherwise failing authentication) three times, the client machine will lock you out from accessing that server. The server has nothing to say about blocking you from accessing it. The flippin' client does this.

See, 'cause you might be a h4xX0r! You can't be trusted with your own computer! That's why we've made it so it can block you from your nefarious activities. We control the horizontal! We control the vertical! We control the TCP/IP!


Fortunately, the blockage of the account goes away in about twenty minutes, leaving you free to enter your username and password, which (assuming the server is working, heh) will let you in to view your files. So now I can watch Leonard Nimoy's "Bilbo Baggins" music-video performance, hosted as it is on my Mac, within the glory of Windows.

But it's this kind of thing that perfectly encapsulates the difference between the Mac OS and Windows. Jaguar has an unfortunate wart that will become irrelevant with time and is easily understandable and explainable, but badly documented under the assumption that everyone will be buying new machines and making fresh installations, or helping each other through this piece of trivia in the forums. Whereas Windows actively intrudes upon your workflow, by design, and prevents you from doing perfectly reasonable things like trying to connect to a server, making assumptions about your intent that would make Ashcroft proud.

Pick your poison. I think I still like the taste of mine, frankly.



...Oh, and incidentally, the perverse of mind can connect over SMB from one Mac to another Mac, now. It's beyond me why you would want to-- you get to see all your files, minus their application bindings, custom icons, and filename extension masking. It's like a Q-type being, accustomed to traveling unfettered through the stars, living in five-dimensional space and beyond-- forced to exist as a four-dimensional human on earth. It's grotesque and filthy, and I don't see a reason to do it other than masochism.

But you can do it.
Back to Top

© Brian Tiemann