'Re: [Fedora-directory-users] samba CTRL ALT DEL password sync problem'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       fedora-directory-users
Subject:    Re: [Fedora-directory-users] samba CTRL ALT DEL password sync problem
From:       Roger Spencer <rspencer () auspicecorp ! com>
Date:       2007-03-29 17:20:19
Message-ID: 674501563.7561175188819335.JavaMail.root () po1 ! auspiceinc ! com
[Download RAW message or body]

Trying changing: 

ldap passwd sync = no 
unix password sync = Yes 

Works for me. 

----- Original Message ----- 
From: "Stephane ARMANET" <stephane.armanet@ch-st-julien.fr> 
To: Fedora-directory-users@redhat.com 
Sent: Thursday, March 29, 2007 11:57:22 AM (GMT-0500) America/New_York 
Subject: [Fedora-directory-users] samba CTRL ALT DEL password sync problem 



Hello List 

I try to configure samba workig with FDS. 


It's look OK I can connect but when user try to change his password using CTRL + ALT \
+ DEL from  windows, after typing the passwords it returns: 
"current password or user's name is incorrect...." The samba-pasword is change but \
not the userPassword attribute 


The logs of samba tells: 

[2007/03/19 12:28:51, 0] passdb/pdb_ldap.c:ldapsam_modify_entry(1574) 
ldapsam_modify_entry: LDAP Password could not be changed for user user1: \
Confidentiality required  Operation requires a secure connection. 

[2007/03/19 12:28:51, 0] passdb/pdb_ldap.c:ldapsam_update_sam_account(1720) 
ldapsam_update_sam_account: failed to modify user with uid = user1, error: Operation \
requires a secure connection.  (Success) 
[2007/03/19 12:28:51, 0] libsmb/smbencrypt.c:decode_pw_buffer(539) 
decode_pw_buffer: incorrect password length (-1886846999). 
[2007/03/19 12:28:51, 0] libsmb/smbencrypt.c:decode_pw_buffer(540) 
decode_pw_buffer: check that 'encrypt passwords = yes' 


My smb.conf: 
[global] 


workgroup = TEST2DOM 
netbios name = SERVADM 
os level = 65 
domain logons = yes 
domain master = yes 
local master = yes 
security = user 
encrypt passwords = true 
pam password change = no 

####### CONFIG LDAP ################ 

add machine script = /usr/sbin/smbldap-useradd -w -d /dev/null -g 515 -c 'Machine \
Account' -s /bin/false %u  add user script = /usr/sbin/smbldap-useradd -a -m '%u' 
delete user script = /usr/sbin/smbldap-userdel -r '%u' 
add group script = /usr/sbin/smbldap-groupadd '%g' 
delete group script = /usr/sbin/smbldap-groupdel '%g' 
add user to group script = /usr/sbin/smbldap-groupmod -m '%u' '%g' 
delete user from group script = /usr/sbin/smbldap-groupmod -x '%u' '%g' 
set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u' 

# Connexion LDAP 
passdb backend = ldapsam:ldap://ds.ch-st-julien.intra 
ldap admin dn = uid=admin,dc=ch-st-julien,dc=fr 
ldap suffix = dc=ch-st-julien,dc=fr 
ldap user suffix = ou=People 
ldap group suffix = ou=Groups 
ldap machine suffix = ou=Computers 

passwd chat debug = Yes 

ldap passwd sync = yes 

unix password sync = no 
passwd program = /usr/bin/smbldap-passwd -u %U 
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\spassword:* %n\n . 


###### Gestion des ACL ####### 
nt acl support = yes 

# gestion heritage 
inherit acls = yes 



Is anyone has ever meet this problem ??? 

Thank's -- 

ARMANET Stephane 


[Attachment #3 (text/html)]

<html><head><style type='text/css'>body { font-family: 'Times New Roman'; font-size: \
12pt; color: #000000}</style></head><body>Trying changing:<br><br>ldap passwd sync = \
no<br>unix password sync = Yes<br><br>Works for me.<br><br>----- Original Message \
-----<br>From: "Stephane ARMANET" &lt;stephane.armanet@ch-st-julien.fr&gt;<br>To: \
Fedora-directory-users@redhat.com<br>Sent: Thursday, March 29, 2007 11:57:22 AM \
(GMT-0500) America/New_York<br>Subject: [Fedora-directory-users] samba CTRL ALT DEL \
password sync problem<br><br>


  
<div>
<br>
Hello List<br>
<br>
I try to configure samba workig with FDS.<br>
<br>
<br>
It's look OK I can connect but when user try to change his password
using CTRL + ALT + DEL from<br>
windows, after typing the passwords it returns:<br>
&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; "current password or user's \
name is incorrect...."&nbsp; The samba-pasword is change but not the userPassword \
attribute<br> <br>
<br>
The logs of samba tells:<br>
<br>
<i>[2007/03/19 12:28:51, 0] passdb/pdb_ldap.c:ldapsam_modify_entry(1574)<br>
&nbsp; ldapsam_modify_entry: LDAP Password could not be changed for user
user1: Confidentiality required<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Operation requires a secure \
connection.<br> &nbsp; <br>
[2007/03/19 12:28:51, 0]
passdb/pdb_ldap.c:ldapsam_update_sam_account(1720)<br>
&nbsp; ldapsam_update_sam_account: failed to modify user with uid = user1,
error: Operation requires a secure connection.<br>
&nbsp;&nbsp; (Success)<br>
[2007/03/19 12:28:51, 0] libsmb/smbencrypt.c:decode_pw_buffer(539)<br>
&nbsp; decode_pw_buffer: incorrect password length (-1886846999).<br>
[2007/03/19 12:28:51, 0] libsmb/smbencrypt.c:decode_pw_buffer(540)<br>
&nbsp; decode_pw_buffer: check that 'encrypt passwords = yes'</i><br>
<br>
<br>
My smb.conf:<br>
<i>[global]<br>
<br>
<br>
workgroup = TEST2DOM<br>
netbios name = SERVADM<br>
os level = 65<br>
domain logons = yes<br>
domain master = yes<br>
local master = yes<br>
security = user<br>
encrypt passwords = true<br>
pam password change = no<br>
<br>
#######&nbsp;&nbsp; CONFIG LDAP&nbsp;&nbsp; ################<br>
<br>
add machine script = /usr/sbin/smbldap-useradd -w -d /dev/null -g 515
-c 'Machine Account' -s /bin/false %u<br>
add user script = /usr/sbin/smbldap-useradd -a -m '%u'<br>
delete user script = /usr/sbin/smbldap-userdel -r '%u'<br>
add group script = /usr/sbin/smbldap-groupadd&nbsp; '%g'<br>
delete group script = /usr/sbin/smbldap-groupdel '%g'<br>
add user to group script = /usr/sbin/smbldap-groupmod -m '%u' '%g'<br>
delete user from group script = /usr/sbin/smbldap-groupmod -x '%u' '%g'<br>
set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u'<br>
<br>
&nbsp;# Connexion LDAP<br>
passdb backend = ldapsam:ldap://ds.ch-st-julien.intra<br>
ldap admin dn = uid=admin,dc=ch-st-julien,dc=fr<br>
ldap suffix = dc=ch-st-julien,dc=fr<br>
ldap user suffix = ou=People<br>
ldap group suffix = ou=Groups<br>
ldap machine suffix = ou=Computers<br>
<br>
passwd chat debug = Yes<br>
<br>
ldap passwd sync = yes<br>
<br>
unix password sync = no<br>
passwd program = /usr/bin/smbldap-passwd -u %U<br>
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\spassword:* %n\n .<br>
<br>
<br>
###### Gestion des ACL #######<br>
nt acl support = yes<br>
<br>
# gestion heritage<br>
inherit acls = yes<br>
<br>
</i><br>
<br>
Is anyone has ever meet this problem ???<br>
<br>
Thank's
<pre class="moz-signature">-- <br><br>ARMANET Stephane<br><br><br></pre>
</div>
</body></html>



[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic