smbpasswd fails to change both smb and UNIX passwds simultaneously
Jeff Ballin
jeff at enthalpy.biochem.wisc.edu
Tue Jun 30 06:08:20 GMT 1998
Hello everyone,
I have not had luck with any of the documentation I have found....if the answer
to my question lay out there, point me in the right direction and I will gladly
RTFM.
I am running RedHat 5.0 on an Alpha CPU based computer. Samba is at 1.9.18p8,
compiled on this system with ALLOW_CHANGE_PASSWORD and PAM encryption enabled.
I am able to log into the network and file share, etc. My problem is that I
cannot get smbpasswd to change both the unix passwd file and the smbpasswd file
simultaneously. If I set "unix password sync=no", smbpasswd (as a user) is
able to change the smb password without a hitch. Using passwd directly changes
the unix passwd file without problem. However, with "unix password sync=yes,"
I go through the passwd chat sequence, but fail every time with
smbpasswd: machine 127.0.0.1 rejected the password change: Error was : The
specified password is invalid.
Below is a clip from the smb logfile at debug level 3.
=========
1998/06/30 01:14:18 Transaction 1 of length 168
switch message SMBnegprot (pid 2021)
Requested protocol [PC NETWORK PROGRAM 1.0]
Requested protocol [MICROSOFT NETWORKS 1.03]
Requested protocol [MICROSOFT NETWORKS 3.0]
Requested protocol [LANMAN1.0]
Requested protocol [LM1.2X002]
Requested protocol [Samba]
Selected protocol NT LANMAN 1.0
1998/06/30 01:14:18 Transaction 2 of length 110
switch message SMBsesssetupX (pid 2021)
Domain=[] NativeOS=[Unix] NativeLanMan=[Samba]
sesssetupX:name=[HOLBROOK]
adding home directory holbrook at /home/holbrook
holbrook is in 2 groups
504 100
uid 503 registered to name holbrook
Clearing default real name
1998/06/30 01:14:18 Transaction 3 of length 63
switch message SMBtconX (pid 2021)
Trying username ipc$
ACCEPTED: validated uid ok as non-guest
found free connection number 42
Connect path is /tmp
chdir to /tmp
chdir to /root
1998/06/30 01:14:18 ensemble (127.0.0.1) connect to service IPC$ as user holbrook (uid=503,gid=504) (pid 2021)
1998/06/30 01:14:18 tconX service=ipc$ user=holbrook cnum=42
1998/06/30 01:14:18 Transaction 4 of length 637
switch message SMBtrans (pid 2021)
chdir to /tmp
trans <\PIPE\LANMAN> data=532 params=25 setup=0
named pipe command on <LANMAN> name
Got API command 214 of form <zsT> <B516B16> (tdscnt=532,tpscnt=25,mdrcnt=0,mprcnt=2)
Doing SamOEMChangePassword
api_SamOEMChangePassword: Change password for <holbrook>
Password change for user: holbrook
pty: try to open ptya0, line was /dev/ptyXX
pty: try to open ptya1, line was /dev/ptya0 <--- why the shift in pty# ?
pty: try to open ptya2, line was /dev/ptya1
pty: try to open ptya3, line was /dev/ptya2
pty: try to open ptya4, line was /dev/ptya3
pty: try to open ptya5, line was /dev/ptya4
pty: try to open ptya6, line was /dev/ptya5
pty: try to open ptya7, line was /dev/ptya6
pty: try to open ptya8, line was /dev/ptya7
pty: try to open ptya9, line was /dev/ptya8
pty: try to open ptyaa, line was /dev/ptya9
<snip>
pty: try to open ptyza, line was /dev/ptyz9
pty: try to open ptyzb, line was /dev/ptyza
pty: try to open ptyzc, line was /dev/ptyzb
pty: try to open ptyzd, line was /dev/ptyzc
pty: try to open ptyze, line was /dev/ptyzd
pty: try to open ptyzf, line was /dev/ptyze
Cannot Allocate pty for password change: holbrookend of file from client
chdir to /root
Closing connections
1998/06/30 01:14:18 ensemble (127.0.0.1) closed connection to service IPC$
Yielding connection to 42 IPC$
1998/06/30 01:14:18 Server exit (normal exit)
================
Here is the relevant section of smb.conf:
[global]
smb passwd file= /etc/smbpasswd
encrypt passwords= yes
passwd chat= "*Enter OLD password*" %o\n "*Enter NEW password*" %n\n \
"*Reenter NEW password*" %n\n "*Password Changed*"
passwd program= /usr/bin/passwd %u
unix password sync= true
passwd chat debug= yes
printing = bsd
printcap name = /etc/printcap
load printers = yes
;debug level=3
guest account = guest
log file = /var/log/samba-log.%m
max log size = 50
; case sensitive = yes
short preserve case = yes
preserve case = yes
lock directory = /var/lock/samba
locking = yes
strict locking = yes
share modes = yes
security = user
dead time= 15
socket options = TCP_NODELAY
os level = 31
local master= yes
preferred master= yes
wins server = enthalpy.biochem.wisc.edu
=========
Finally, here are the /etc/pam.d files for passwd and samba:
/etc/pam.d/passwd
#%PAM-1.0
auth required /lib/security/pam_pwdb.so shadow nullok
account required /lib/security/pam_pwdb.so
password required /lib/security/pam_cracklib.so retry=3
password required /lib/security/pam_pwdb.so use_authtok nullok
============
/etc/pam.d/samba
auth required /lib/security/pam_pwdb.so nullok shadow
account required /lib/security/pam_pwdb.so
----------
Thank you so much for your help.
Regards,
Jeff
More information about the samba
mailing list