[prev in list] [next in list] [prev in thread] [next in thread]
List: fedora-directory-users
Subject: Re: [Fedora-directory-users] samba CTRL ALT DEL password sync problem
From: Roger Spencer <rspencer () auspicecorp ! com>
Date: 2007-03-29 17:20:19
Message-ID: 674501563.7561175188819335.JavaMail.root () po1 ! auspiceinc ! com
[Download RAW message or body]
Trying changing:
ldap passwd sync = no
unix password sync = Yes
Works for me.
----- Original Message -----
From: "Stephane ARMANET" <stephane.armanet@ch-st-julien.fr>
To: Fedora-directory-users@redhat.com
Sent: Thursday, March 29, 2007 11:57:22 AM (GMT-0500) America/New_York
Subject: [Fedora-directory-users] samba CTRL ALT DEL password sync problem
Hello List
I try to configure samba workig with FDS.
It's look OK I can connect but when user try to change his password using CTRL + ALT \
+ DEL from windows, after typing the passwords it returns:
"current password or user's name is incorrect...." The samba-pasword is change but \
not the userPassword attribute
The logs of samba tells:
[2007/03/19 12:28:51, 0] passdb/pdb_ldap.c:ldapsam_modify_entry(1574)
ldapsam_modify_entry: LDAP Password could not be changed for user user1: \
Confidentiality required Operation requires a secure connection.
[2007/03/19 12:28:51, 0] passdb/pdb_ldap.c:ldapsam_update_sam_account(1720)
ldapsam_update_sam_account: failed to modify user with uid = user1, error: Operation \
requires a secure connection. (Success)
[2007/03/19 12:28:51, 0] libsmb/smbencrypt.c:decode_pw_buffer(539)
decode_pw_buffer: incorrect password length (-1886846999).
[2007/03/19 12:28:51, 0] libsmb/smbencrypt.c:decode_pw_buffer(540)
decode_pw_buffer: check that 'encrypt passwords = yes'
My smb.conf:
[global]
workgroup = TEST2DOM
netbios name = SERVADM
os level = 65
domain logons = yes
domain master = yes
local master = yes
security = user
encrypt passwords = true
pam password change = no
####### CONFIG LDAP ################
add machine script = /usr/sbin/smbldap-useradd -w -d /dev/null -g 515 -c 'Machine \
Account' -s /bin/false %u add user script = /usr/sbin/smbldap-useradd -a -m '%u'
delete user script = /usr/sbin/smbldap-userdel -r '%u'
add group script = /usr/sbin/smbldap-groupadd '%g'
delete group script = /usr/sbin/smbldap-groupdel '%g'
add user to group script = /usr/sbin/smbldap-groupmod -m '%u' '%g'
delete user from group script = /usr/sbin/smbldap-groupmod -x '%u' '%g'
set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u'
# Connexion LDAP
passdb backend = ldapsam:ldap://ds.ch-st-julien.intra
ldap admin dn = uid=admin,dc=ch-st-julien,dc=fr
ldap suffix = dc=ch-st-julien,dc=fr
ldap user suffix = ou=People
ldap group suffix = ou=Groups
ldap machine suffix = ou=Computers
passwd chat debug = Yes
ldap passwd sync = yes
unix password sync = no
passwd program = /usr/bin/smbldap-passwd -u %U
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\spassword:* %n\n .
###### Gestion des ACL #######
nt acl support = yes
# gestion heritage
inherit acls = yes
Is anyone has ever meet this problem ???
Thank's --
ARMANET Stephane
[Attachment #3 (text/html)]
<html><head><style type='text/css'>body { font-family: 'Times New Roman'; font-size: \
12pt; color: #000000}</style></head><body>Trying changing:<br><br>ldap passwd sync = \
no<br>unix password sync = Yes<br><br>Works for me.<br><br>----- Original Message \
-----<br>From: "Stephane ARMANET" <stephane.armanet@ch-st-julien.fr><br>To: \
Fedora-directory-users@redhat.com<br>Sent: Thursday, March 29, 2007 11:57:22 AM \
(GMT-0500) America/New_York<br>Subject: [Fedora-directory-users] samba CTRL ALT DEL \
password sync problem<br><br>
<div>
<br>
Hello List<br>
<br>
I try to configure samba workig with FDS.<br>
<br>
<br>
It's look OK I can connect but when user try to change his password
using CTRL + ALT + DEL from<br>
windows, after typing the passwords it returns:<br>
"current password or user's \
name is incorrect...." The samba-pasword is change but not the userPassword \
attribute<br> <br>
<br>
The logs of samba tells:<br>
<br>
<i>[2007/03/19 12:28:51, 0] passdb/pdb_ldap.c:ldapsam_modify_entry(1574)<br>
ldapsam_modify_entry: LDAP Password could not be changed for user
user1: Confidentiality required<br>
Operation requires a secure \
connection.<br> <br>
[2007/03/19 12:28:51, 0]
passdb/pdb_ldap.c:ldapsam_update_sam_account(1720)<br>
ldapsam_update_sam_account: failed to modify user with uid = user1,
error: Operation requires a secure connection.<br>
(Success)<br>
[2007/03/19 12:28:51, 0] libsmb/smbencrypt.c:decode_pw_buffer(539)<br>
decode_pw_buffer: incorrect password length (-1886846999).<br>
[2007/03/19 12:28:51, 0] libsmb/smbencrypt.c:decode_pw_buffer(540)<br>
decode_pw_buffer: check that 'encrypt passwords = yes'</i><br>
<br>
<br>
My smb.conf:<br>
<i>[global]<br>
<br>
<br>
workgroup = TEST2DOM<br>
netbios name = SERVADM<br>
os level = 65<br>
domain logons = yes<br>
domain master = yes<br>
local master = yes<br>
security = user<br>
encrypt passwords = true<br>
pam password change = no<br>
<br>
####### CONFIG LDAP ################<br>
<br>
add machine script = /usr/sbin/smbldap-useradd -w -d /dev/null -g 515
-c 'Machine Account' -s /bin/false %u<br>
add user script = /usr/sbin/smbldap-useradd -a -m '%u'<br>
delete user script = /usr/sbin/smbldap-userdel -r '%u'<br>
add group script = /usr/sbin/smbldap-groupadd '%g'<br>
delete group script = /usr/sbin/smbldap-groupdel '%g'<br>
add user to group script = /usr/sbin/smbldap-groupmod -m '%u' '%g'<br>
delete user from group script = /usr/sbin/smbldap-groupmod -x '%u' '%g'<br>
set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u'<br>
<br>
# Connexion LDAP<br>
passdb backend = ldapsam:ldap://ds.ch-st-julien.intra<br>
ldap admin dn = uid=admin,dc=ch-st-julien,dc=fr<br>
ldap suffix = dc=ch-st-julien,dc=fr<br>
ldap user suffix = ou=People<br>
ldap group suffix = ou=Groups<br>
ldap machine suffix = ou=Computers<br>
<br>
passwd chat debug = Yes<br>
<br>
ldap passwd sync = yes<br>
<br>
unix password sync = no<br>
passwd program = /usr/bin/smbldap-passwd -u %U<br>
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\spassword:* %n\n .<br>
<br>
<br>
###### Gestion des ACL #######<br>
nt acl support = yes<br>
<br>
# gestion heritage<br>
inherit acls = yes<br>
<br>
</i><br>
<br>
Is anyone has ever meet this problem ???<br>
<br>
Thank's
<pre class="moz-signature">-- <br><br>ARMANET Stephane<br><br><br></pre>
</div>
</body></html>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic