Missing sambaLMPassword in machines account entries in Samba-LDAP
Wong Onn Chee
ocwong at usa.net
Wed Jun 16 10:36:00 GMT 2004
Hi,
Recently, I encountered the following problem
1) I joined some Windows machines (includes NT, 2k and XP Pro
workstations) into a Samba (3.0.4) domain with LDAP backend (OpenLDAP
2.1.23)
2) Few days later, they suddenly couldn't login to domain.
3) After rejoining the domain, login works fine.
An investigation of the LDAP entries before and after the rejoining
brought an interesting discovery.
Before the rejoining, the machine accounts have both sambaNTPassword and
sambaLMPassword. However, after rejoining, they only have
sambaNTPassword, without sambaLMPassword
The LDAP entries are as follow:
After rejoining and login worked
dn: uid=xyz123$,o=abc
uid: xyz123$
sambaSID: S-1-5-21-2977856684-1602124429-2737401555-1000868
sambaPrimaryGroupSID: S-1-5-21-2977856684-1602124429-2737401555-1201
objectClass: sambaSamAccount
objectClass: account
displayName: xyz123$
sambaPwdMustChange: 2147483647
sambaAcctFlags: [W ]
sambaPwdCanChange: 1086922496
sambaNTPassword: D6A7A22A428F4DD37CF964D151DA7685
sambaPwdLastSet: 1086922496
Before rejoining and login wasn't working
dn: uid=xyz123$,o=abc
uid: xyz123$
sambaSID: S-1-5-21-2977856684-1602124429-2737401555-1000868
sambaPrimaryGroupSID: S-1-5-21-2977856684-1602124429-2737401555-1201
objectClass: sambaSamAccount
objectClass: account
displayName: xyz123$
sambaPwdCanChange: 1083829988
sambaPwdMustChange: 2147483647
sambaLMPassword: D7886B6D3A23A7FC68EE2B49E9D8DA64
sambaNTPassword: AE07138AC14209FFE6CEBD882686B009
sambaPwdLastSet: 1083829988
sambaAcctFlags: [W ]
Have anyone encountered this before?
More information about the samba-technical
mailing list