[Samba] samba 3.0.2a-Debian +ldapsam +smbldap-tools 3.0rc4-1=
newly created users can't log in
abartlet at samba.org
Thu Mar 18 21:37:23 GMT 2004
On Fri, 2004-03-19 at 06:33, Bradley W. Langhorst wrote:
> On Thu, 2004-03-18 at 13:15, Bradley W. Langhorst wrote:
> > sambaPwdLastSet: 0
> here's the problem!
> if i manually change this to "1" in the ldap store the login works fine
> 0 should be an okay value i think - though smbldap-passwd should set it
> to the current time...
It should! Either the value must be left out, or it *must* be a valid
> > I cranked up the log to 100 and watched what's going on during login...
> > It finds the user using the same filter as i did above.
> > It finds all the attributes except the NT and LM passwords.
> > But then i find this:
> > 2004/03/18 11:58:52, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
> > pop_sec_ctx (2007, 100) - sec_ctx_stack_ndx = 0
> > [2004/03/18 11:58:52, 3] libsmb/ntlm_check.c:ntlm_password_check(182)
> > ntlm_password_check: NO NT password stored for user mcmahon.
> > [2004/03/18 11:58:52, 3] libsmb/ntlm_check.c:ntlm_password_check(309)
> > ntlm_password_check: NO LanMan password set for user mcmahon (and no
> > NT password supplied)
> I believe these false reports to be a bug
> i just looked in the code to see if i could find something obvious but
> it would take me a while trace out whats going on...
> maybe one of the developers just knows where to fix this.
The issue is that we key the existence of a valid password against
sambaPwdLastSet being some value other than 0. This is due to bugs in
3.0.0 and 3.0.1 (see the 3.0.2a release notes).
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20040319/714613fa/attachment.bin
More information about the samba-technical