Samba 4.0.0alpha7-GIT-37da26a problems with password policy

Natxo Asenjo natxo.asenjo at
Fri Jan 30 12:48:58 GMT 2009


yesterday I followed the instructions at and I have a linux based
active directory running on a stock debian lenny virtual installation.

I succesfully joined a windows xp pro sp3 (dutch) to this domain. I
have using some resource kit tools and I must say I am really
impressed by what I see. Running klist.exe tickets gives me exactly
the same info I see in a windows AD; the dstools (dsadd, dsquery etc)
just *work* from the xp virtual workstation. Amazing.

I have run accros a problem, but I am not sure whether this is a samba
4 problem or my problem. While using dsa.msc (users and computers), if
i try to create a user in a ou the wizard fails with the message that
the password does not meet the complexity requirements. Fair enough, I
choose a complex password, it does work. The same happens with dsadd,
but with dsadd I get to create the account, although it is disabled.

If I try editing the default domain policy (I know, I know, I should
create a new policy for this, but this is just a test environment) and
disable the complexity requirements for the password policy like you
can see here: (it is in dutch,
but basically uitgeschakeld meens disabled en 5 tekens means 5

I have updated the policy several times with gpupdate /force and
restarted the xp box several times.

I also added this to smb.conf  in the [globals] section:

log file        = /var/log/samba/log.%m
        syslog          = 0

but I see no log file being created. The directory /var/log/samba
exists, of course.

Another thing: if I try adsiedit.msc , it crashes when trying to open
the properties of an object. I can browse the database but when
opening the properties it crashes and wants to send a report to MS (I
guess they would not accept it coming from a samba 4 server ;-0).
Any ideas?

More information about the samba-technical mailing list