[Samba] Samba <-> LDAP auth

Mihail S. Dorofeev mdorofeev at sibnefteprovod.ru
Wed Oct 30 15:04:01 GMT 2002

Hello everybody!

Sorry for (maybe) a stupid question... Again:
problem with authentication against LDAP (iPlanet Directory Server 4.16), Solaris 8 SPARC server
I have compiled samba 2.2.6 --with-ldapsam option
When connecting from w2k prof workstation i see the following log files:
2002/10/22 14:42:21, 2] passdb/pdb_ldap.c:ldap_open_connection(216)
  ldap_open_connection: connection opened
[2002/10/22 14:42:21, 2] passdb/pdb_ldap.c:ldap_connect_system(250)
  ldap_connect_system: succesful connection to the LDAP server
[2002/10/22 14:42:21, 2] passdb/pdb_ldap.c:ldap_search_one_user(262)
  ldap_search_one_user: searching for:[(&(uid=mdorofeev)(objectclass=sambaAccount))]
[2002/10/22 14:42:21, 2] passdb/pdb_ldap.c:get_single_attribute(360)
  get_single_attribute: [uid] = [mdorofeev]
---------------skiped some code  - retrieveing attributes.-------------------------------
[[2002/10/22 14:42:21, 2] passdb/pdb_ldap.c:get_single_attribute(354)
  get_single_attribute: [lmPassword] = [<does not exist>]
[2002/10/22 14:42:21, 2] passdb/pdb_ldap.c:get_single_attribute(360)
  get_single_attribute: [ntPassword] = [81030A39A1C251FCAAD3B435B51404EE]
[2002/10/22 14:42:21, 2] passdb/pdb_ldap.c:get_single_attribute(354)
  get_single_attribute: [acctFlags] = [<does not exist>]
[2002/10/22 14:42:21, 4] smbd/password.c:smb_password_ok(475)
  smb_password_ok: Checking SMB password for user mdorofeev
[2002/10/22 14:42:21, 4] smbd/password.c:smb_password_ok(499)
  smb_password_ok: Checking NT MD4 password
[2002/10/22 14:42:21, 4] smbd/password.c:smb_password_ok(504)
  smb_password_ok: NT MD4 password check failed
[2002/10/22 14:42:21, 2] smbd/password.c:pass_check_smb(575)
  pass_check_smb failed - invalid password for user [mdorofeev]
[2002/10/22 14:42:21, 2] smbd/reply.c:reply_sesssetup_and_X(972)
  NT Password did not match for user 'mdorofeev'!
[2002/10/22 14:42:21, 1] smbd/reply.c:reply_sesssetup_and_X(998)
  Rejecting user 'mdorofeev': authentication failed
The QUESTION IS : IS THERE _A_ WAY TO USE userPassword attr for Samba authentication ??
OR SYNC userPassword and ntPassword?
What i did is i ran smbpasswd, looked at the password file,  copied the string containing the encrypted password and 
inserted this value into the directory->ntPassword filed. However it didnt match :(
Maybe, there is a way to sync ntPassword and userPassword (taking care of different encryption scheme)?
This would be ONLY useful if done by LDAP server means......
I use plain text passwords in the userPassword filed for my eMail auth etc.... This also works for Solaris PAM Ldap auth.

Sincerely, mdorofeev
-------------- next part --------------
HTML attachment scrubbed and removed

More information about the samba mailing list