Password server rejecting passwords.

[Arcadio A. Sincero Jr.]

Hello SAMBA Mailing List,

	I have three SAMBA v1.9.18 servers running on three Linux 2.0.33
(Debian 1.3.2 distribution) machines operating on my LAN. They are named
Server1, Server2, and Server3.  I have Server1 functioning as the
"password server" for my SAMBA and Win95 network.  In Server1's smb.conf
file I have the following set:

	password level    = 20
	security          = user
        encrypt passwords = yes

I created the smbpasswd file for Server1 as was explained in the
ENCRYPTION.txt text file (except I used ypcat passwd.byname because I run
NIS: ypcat passwd.byname|mksmbpasswd.sh > smbpasswd).

	I have Server2 and Server3 ask Server1 for password
authentication.  Therefore I have the following in thier smb.conf files:

	password level    = 20
	security          = server
        password server   = Server1
        encrypt passwords = yes

	I also have Server1 functioning as the "domain master browser" as
well as the "WINS server".  Therefore, I also have the following in
Server1's smb.conf file:

	wins support      = yes
        domain master     = yes
        local master      = yes
        preferred master  = yes
        os level          = 255

        Server2, however, does domain logins.  So in Server2's smb.conf
file, I also have:

        domain logons     = yes
        logon script      = logon.bat

        [netlogon]
        ...


	Now that I got all that preliminary stuff out of the way, I can
get to my problem :-) ...

	My problem is trying to change the SMB password from Control
Panel->Passwords from Win95 boxes.  Win95 reports that "This request is
not supported by the network".  The "NET PASSWORD" command from DOS boxes
also fail.  Checking the log files of Server2, I see the following error
message:

	password server SERVER1 rejected the password
        get_smbpwd_entry: unable to open file /etc/samba/private/smbpasswd

The second part of the error message is understandable.  Because Server2
is set to ask Server1 for password authentication, I figure it doesn't
need an smbpasswd file of its own.  So I didn't create one.  But the first
part of the error message I do not understand.  Why does Server1 reject
the password?

	Checking Server1's log file did not reveal a whole lot.  In it's
log file, the only message that I see that could be related to this
problem is:

	get_smbpwd_entry: malformed password entry (uid not number)

I say "could be" because I get the first error message in Server2's log
file multiple times (once for every time I try to change the password from
a Win95 box), but that error message in Server1's log file only appears
_once_.  

	I tried fooling with the "passwd program" setting in the smb.conf
file.  To see if the program I set for "passwd program" even gets
executed when I try to change the password from the Win95 box, I created a
test script (called 'testbin') which simply looks like this:

	#!/bin/sh
	echo "Hello" > /tmp/out

And I set the "passwd program" setting to "passwd program = testbin".  If
the passwd program actually does get executed, I should get a file named
'out' in /tmp.  But I don't.  So this seems to indicate that the program I
have set for "passwd program" does not even get executed.  I did this for
both Server1 and Server2 with negative results.

	Also, I did set -DALLOW_CHANGE_PASSWORD in the Makefile before
compiling SAMBA.

	Anybody have any ideas as to what could be the problem?  Thanks in
advance for any help on this.

=============================================================================
Arcadio A. Sincero Jr. a.k.a The TicK -=LpC=-
Undergraduate Computer Science Major/Linux Enthusiast/Competitive Bodybuilder 
WWW: http://www.coming.to.a.web.site.near.you.com
e-mail: asincero at erols.com

"Only lamers quote themselves in their .signatures." 
                                - Arcadio A. Sincero Jr., 1997