Changing LDAP Password from Windows failes if referral is configured

heiko.baumann at heiko.baumann at
Mon Dec 8 06:06:21 MST 2014

after trying to get help on the samba list and opening a bug report without getting any  answer i hope it is okay to try it on this list.

my problem is related to samba3 with openldap backend. i use syncrepl to replicate our openldap db to the slapd running on the samba server. slapd is configured to set a referrer for write requests via "updateref".
if i use smbpasswd to change the samba/ldap password from the console everything works fine. i can see the referrer offered by the local slapd and also a rebind to change the password on the master ldap server. also ldapmodify shows the correct referrer.
but if i try to change the password from within windows i get the following error message:
[2014/10/18 12:49:34.511026,  0] passdb/pdb_ldap.c:1826(ldapsam_modify_entry)
  ldapsam_modify_entry: LDAP Password could not be changed for user test: Referral
"ldap follow referral = yes" in smb.conf is set. but for some reason samba cannot find the correct referrer.
any help would be appreciated.

The bug report i opened is this:

More information about the samba-technical mailing list