password sync
Andrew Bartlett
abartlet at pcug.org.au
Tue Jan 8 01:30:08 GMT 2002
Christian Barth wrote:
>
> > Hi, Thanks,
> >
> > I had tried all combo's of the chat script, including copying and
> > pasting the results of the actual program, and filling in the necessary
> > variables. None of it worked. (The version below is the copied version,
> > with slight modification.)
> >
> > I added "password chat debug = yes" and log level = 100 and without
> > changing anything else, it worked. (I still can't understand why,
> > because I then changed then removed the chat debug, and reset the log
> > level, and it still worked.
>
> We had this situation too, even worse because it some times worked
> with out "password chat debug = yes" and some time not. I guessed
> that it is a time out problem and increased the timeout values in
> source/smbd/chgpasswd.c (line 213 and 224 for samba 2.0.7) form 2000
> to 12000 and 200 to 1200 and recompailed. We do not have any
> problemes since. Normaly our machine is fast engnough, so I don't
> understand, wy we had to increase the timeouts. AND: I do not no if
> this has any security impacts!!
>
> Christian
I always recommend running 2.2.2 and compiling --with-pam, setting 'pam
password change = yes' in your smb.conf. This means you must have an
/etc/pam.d/samba file containing a 'password' line, but is *much* easier
to debug becouse it doesn't use timeouts and other nasties - it uses the
PAM interface directly. We even get meaningful errors out of it :-).
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba
mailing list