> NT works on a domain based security system, not a per-resource model. A user
> logs into the network, is authenticated once. Once logged in, he can connect
> to anything he has specific rights to use, without giving a password
> everytime he wants to print, connect a drive etc. One can additionally
> password protect resources on a per-use basis if needed.
Unfortunately NT doesn't play well with others. For example, once I have
logged in a network drive anyone else executing on the same NT server can
connect to it with no password. I'm not sure where the authentication is
falling down: the drive I'm logged onto isn't on an NT system... but it
swears it's getting proper validation and I've set it to require a password
on every new connection... so either NT is providing a new password or it's
piggybacking on the original connection.
I just noticed this yesterday, and I'm in the process of evaluating the
situation. Perhaps NT is thinking "Oh, that's not an NT system so it can't
care about security, I'll save a connection..."?
As for the case insensitivity on Samba, that's because some Lan manager
clients don't support lowercase passwords, so Samba tries to accomodate them.
I assume that NT will simply not allow such clients to connect.