smbpasswd fails to change both smb and UNIX passwds simultaneously

Jeff Ballin jeff at enthalpy.biochem.wisc.edu
Tue Jun 30 06:08:20 GMT 1998 

Hello everyone,

I have not had luck with any of the documentation I have found....if the answer
to my question lay out there, point me in the right direction and I will gladly
RTFM.

I am running RedHat 5.0 on an Alpha CPU based computer.  Samba is at 1.9.18p8, 
compiled on this system with ALLOW_CHANGE_PASSWORD and PAM encryption enabled. 
I am able to log into the network and file share, etc. My problem is that I 
cannot get smbpasswd to change both the unix passwd file and the smbpasswd file
simultaneously.  If I set "unix password sync=no", smbpasswd (as a user) is 
able to change the smb password without a hitch. Using passwd directly changes 
the unix passwd file without problem.  However, with "unix password sync=yes,"
I go through the passwd chat sequence, but fail every time with 

smbpasswd: machine 127.0.0.1 rejected the password change: Error was : The 
specified password is invalid.

Below is a clip from the smb logfile at debug level 3.


=========


1998/06/30 01:14:18 Transaction 1 of length 168
switch message SMBnegprot (pid 2021)
Requested protocol [PC NETWORK PROGRAM 1.0]
Requested protocol [MICROSOFT NETWORKS 1.03]
Requested protocol [MICROSOFT NETWORKS 3.0]
Requested protocol [LANMAN1.0]
Requested protocol [LM1.2X002]
Requested protocol [Samba]
Selected protocol NT LANMAN 1.0
1998/06/30 01:14:18 Transaction 2 of length 110
switch message SMBsesssetupX (pid 2021)
Domain=[]  NativeOS=[Unix] NativeLanMan=[Samba]
sesssetupX:name=[HOLBROOK]
adding home directory holbrook at /home/holbrook
holbrook is in 2 groups
504 100 
uid 503 registered to name holbrook
Clearing default real name
1998/06/30 01:14:18 Transaction 3 of length 63
switch message SMBtconX (pid 2021)
Trying username ipc$
ACCEPTED: validated uid ok as non-guest
found free connection number 42
Connect path is /tmp
chdir to /tmp
chdir to /root
1998/06/30 01:14:18 ensemble (127.0.0.1) connect to service IPC$ as user holbrook (uid=503,gid=504) (pid 2021)
1998/06/30 01:14:18 tconX service=ipc$ user=holbrook cnum=42
1998/06/30 01:14:18 Transaction 4 of length 637
switch message SMBtrans (pid 2021)
chdir to /tmp
trans <\PIPE\LANMAN> data=532 params=25 setup=0
named pipe command on <LANMAN> name
Got API command 214 of form <zsT> <B516B16> (tdscnt=532,tpscnt=25,mdrcnt=0,mprcnt=2)
Doing SamOEMChangePassword
api_SamOEMChangePassword: Change password for <holbrook>
Password change for user: holbrook
pty: try to open ptya0, line was /dev/ptyXX
pty: try to open ptya1, line was /dev/ptya0       <--- why the shift in pty# ?
pty: try to open ptya2, line was /dev/ptya1
pty: try to open ptya3, line was /dev/ptya2
pty: try to open ptya4, line was /dev/ptya3
pty: try to open ptya5, line was /dev/ptya4
pty: try to open ptya6, line was /dev/ptya5
pty: try to open ptya7, line was /dev/ptya6
pty: try to open ptya8, line was /dev/ptya7
pty: try to open ptya9, line was /dev/ptya8
pty: try to open ptyaa, line was /dev/ptya9

<snip>

pty: try to open ptyza, line was /dev/ptyz9
pty: try to open ptyzb, line was /dev/ptyza
pty: try to open ptyzc, line was /dev/ptyzb
pty: try to open ptyzd, line was /dev/ptyzc
pty: try to open ptyze, line was /dev/ptyzd
pty: try to open ptyzf, line was /dev/ptyze
Cannot Allocate pty for password change: holbrookend of file from client
chdir to /root
Closing connections
1998/06/30 01:14:18 ensemble (127.0.0.1) closed connection to service IPC$
Yielding connection to 42 IPC$
1998/06/30 01:14:18 Server exit  (normal exit)

================

Here is the relevant section of smb.conf:


[global]

   smb passwd file= /etc/smbpasswd
   encrypt passwords= yes
   
   passwd chat= "*Enter OLD password*" %o\n "*Enter NEW password*" %n\n \
		"*Reenter NEW password*" %n\n "*Password Changed*"

   passwd program= /usr/bin/passwd %u 
   unix password sync= true
   passwd chat debug= yes 


   printing = bsd
   printcap name = /etc/printcap
   load printers = yes

;debug level=3


  guest account = guest 

   log file = /var/log/samba-log.%m
   max log size = 50

;   case sensitive = yes
    short preserve case = yes
    preserve case = yes

   lock directory = /var/lock/samba
   locking = yes
   strict locking = yes
   share modes = yes
   security = user 
   dead time= 15


   socket options = TCP_NODELAY 


   os level = 31
   local master= yes
   preferred master= yes

   wins server = enthalpy.biochem.wisc.edu 

=========

Finally, here are the /etc/pam.d files for passwd and samba:

/etc/pam.d/passwd   


#%PAM-1.0
auth       required	/lib/security/pam_pwdb.so shadow nullok
account    required	/lib/security/pam_pwdb.so
password   required	/lib/security/pam_cracklib.so retry=3
password   required	/lib/security/pam_pwdb.so use_authtok nullok


============

/etc/pam.d/samba


auth	required	/lib/security/pam_pwdb.so nullok shadow
account	required	/lib/security/pam_pwdb.so


----------


Thank you so much for your help.

Regards,

Jeff

More information about the samba mailing list