basic_smb_auth: rejecting valid credentials

basic_smb_auth.sh delivers the credentials via environment in
a form "$USER%$PASSWORD", which is not expected from smbclient. This seem to
result from an obsolete or inferior documentation of smbclient. While it is
perfectly valid to deliver the credentials in this form via commandline
parameter -U, for example in

  smbclient //domain_controller/NETLOGON -d 0 -E -W windows_domain -c "get
  proxyauth -" -U herrmann%mysecurepassword 2>/dev/null

this form is not valid, when the credentials will be delivered via environment.

Via environment the credentials must be delivered in two separate variables
  USER=$USER%
  PASSWD=$PASSWORD.

diff --git a/helpers/basic_auth/SMB/basic_smb_auth.sh b/helpers/basic_auth/SMB/basic_smb_auth.sh
index 863e941be9c29544d90d82638d93eeeeb2377986..6c536f2b83007d16f2a6a58de76989b5decc35c9 100755 (executable)
--- a/helpers/basic_auth/SMB/basic_smb_auth.sh
+++ b/helpers/basic_auth/SMB/basic_smb_auth.sh
@@ -64,8 +64,12 @@ echo "Domain controller NETBIOS name: $dcname"
 [ -n "$dcname" ] || exit 1
 
 # Pass password to smbclient through environment. Not really safe.
-USER="$SMBUSER%$SMBPASS"
+# NOTE: this differs from what the smbclient documentation says.
+#       But works when the smbclient documented way does not.
+USER="$SMBUSER"
+PASSWD="$SMBPASS"
 export USER
+export PASSWD
 
 # Read the contents of the file $AUTHFILE on the $AUTHSHARE share
 authfilebs=`echo "$AUTHFILE" | tr / '\\\\'`