[Samba] incorrect password length when joining domain, need help

Charles Hamel charles at pingouin.ca
Fri Dec 12 20:56:28 GMT 2003


I fixed my problem,

This problem started to appear with 3.0.1rc1 ( maybe pre3 too ). I installed
RC2 and it did not fix the problem, 3.0.0 works fine!

Charles

On Fri, 12 Dec 2003 14:01:51 -0500, Charles Hamel wrote
> Hi
> 
> I just re-initiated by ldap sam database using smbldap-populate.pl, modified
> the Administrator account (uid/gid=0). I can join the domain from a Samba
> 
> 2.2.7 linux machine, it creates the machine account etc... The 
> problem happens with Windows 2000 SP2, It tells me wrong 
> user/password. Here is the samba error : decode_pw_buffer: incorrect 
> password length (-2118884061).
> 
> Here is the full log :
> 
>   Attempting administrator password change (level 23) for user workstation$
> [2003/12/12 13:25:57, 0] libsmb/smbencrypt.c:decode_pw_buffer(501)
>   decode_pw_buffer: incorrect password length (-2118884061).
> [2003/12/12 13:25:57, 0] libsmb/smbencrypt.c:decode_pw_buffer(502)
>   decode_pw_buffer: check that 'encrypt passwords = yes'
> [2003/12/12 13:25:57, 5] rpc_parse/parse_prs.c:prs_debug(82)
>   000000 samr_io_r_set_userinfo
> [2003/12/12 13:25:57, 5] rpc_parse/parse_prs.c:prs_ntstatus(665)
>       0000 status: NT_STATUS_ACCESS_DENIED
> [2003/12/12 13:25:57, 5] rpc_server/srv_pipe.c:api_rpcTNP(1549)
>   api_rpcTNP: called samr successfully
> 
> Here is my smb.conf file 
> [global]
> 
> #### ADD SCRIPTS
> add machine script = /usr/local/samba/share/smbldap-useradd.pl -w 
> "%u" add user script = /usr/local/samba/share/smbldap-useradd.pl 
> "%u" delete user script = /usr/local/samba/share/smbldap-userdel.pl "%u"
> add group script = /usr/local/samba/share/smbldap-groupadd.pl "%g"
> delete group script = /usr/local/samba/share/smbldap-groupdel.pl "%g"
> add user to group script = /usr/local/samba/share/smbldap-
> groupmod.pl -m "%u" "%g" delete user from group script = 
> /usr/local/samba/share/smbldap-groupmod.pl -x "%u" "%g" set primary 
> group script = /usr/local/samba/share/smbldap-usermod.pl -G "%g" "%u"
> 
> null passwords = yes
> #unix charset = UTF-8
> passdb backend = ldapsam:ldap://localhost/
> ldap suffix = o=smb,dc=qc,dc=ca
> ldap machine suffix = ou=Computers
> ldap user suffix = ou=Users
> ldap group suffix = ou=Groups
> ldap admin dn = cn=root,o=smb,dc=qc,dc=ca
> guest account = nobody
> workgroup = LINUX
> netbios name = PDC
> comment = Server
> security = user
> encrypt passwords = yes
> logon script = scripts\%U.bat
> domain logons = Yes
> os level = 255
> preferred master = Yes
> domain master = Yes
> #hosts allow = 192.168.0.0/255.255.255.0
> share modes = No
> wins support = Yes
> [homes]
>         path=/home/domainusers
>         read only = No
>         create mask = 0700
>         directory mask = 0700
>         locking = No
>         oplocks = No
> 
> [netlogon]
>         path = /usr/local/samba/netlogon
>         locking = no
>         read only = yes
> 
> [profiles]
> path = /home/domainusers/profiles
> read only = no
> writeable = yes
> create mask = 0600
> directory mask = 0700
> 
> Here is the LDIF entry of Administrator :
> 
> dn: uid=Administrator,ou=Users,o=smb,dc=qc,dc=ca
> cn: Administrator
> sn: Administrator
> objectClass: inetOrgPerson
> objectClass: sambaSAMAccount
> objectClass: posixAccount
> uid: Administrator
> sambaLogonTime: 0
> sambaLogoffTime: 2147483647
> sambaKickoffTime: 2147483647
> sambaPwdCanChange: 0
> sambaHomePath: \\PDC\homes
> sambaHomeDrive: U:
> sambaProfilePath: \\PDC\profiles\
> loginShell: /bin/false
> gecos: Netbios Domain Administrator
> sambaSID: S-1-5-21-3655003630-1527190663-3647191254-1000
> sambaPrimaryGroupSID: S-1-5-21-3655003630-1527190663-3647191254-1001
> uidNumber: 0
> gidNumber: 0
> homeDirectory: /
> sambaLMPassword: XXXXXXXXXXXXXXXXXXXXXXXXXX (removed)
> sambaAcctFlags: [U]
> sambaNTPassword: XXXXXXXXXXXXXXXXXXXXXXXXXX (removed)
> sambaPwdLastSet: 1071185436
> sambaPwdMustChange: 1075073436
> userPassword:: XXXXXXXXXXXXXXXXXXXXXXXXXX (removed)
> 
> I am running Samba 3.0.1rc1 on Redhat 9.0
> 
> Please help me
> 
> Thank you
> 
> Charles
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba


--
Open WebMail Project (http://openwebmail.org)



More information about the samba-technical mailing list