[Samba] error in smbpasswd (now in english, sorry)

Josenivaldo Benito Junior benito at fai.com.br
Thu Sep 5 19:51:00 GMT 2002 

Hi list,

    We are mounting a PDC with samba+ldap. We are using samba2.2.5 and
ldap from complanet.ath.cx/nexxus. All things go well, all tests are ok.
Now we have to put our 4000 users in ldap and /etc/passwd, for this task
we make an ldif file (for ldap) and two little scripts for linux passwd
and samba smbpasswd set, see:

script caduser:

#!/bin/bash
#
# Adiciona usuarios
for I in `< senhas2`
do
     USUARIO=`echo $I|awk -F : '{printf("F%s",$1)}'`
     HOMEDIR=`echo $I|awk -F : '{print $2}'`
     PASWORD=`echo $I|awk -F : '{print $3}'`
     echo ""
     echo "*************** Usuario: $USUARIO ***************"
     echo ""
     adduser -g alunos -d $HOMEDIR $USUARIO
     sleep 1
     echo "///////////// Password de $USUARIO //////////////"
     /home/benito/t/trocapass $USUARIO $PASWORD
     echo "_________________________________________________"
     #sleep 1;
done


trocapass:

#!/usr/bin/expect
set usuario [lindex $argv 0]
set senha [lindex $argv 1]
spawn /usr/bin/passwd $usuario
expect {
           "assword*:" {
                         sleep .5s
                         send "$senha\r"
                         exp_continue
           }
}
spawn /usr/bin/smbpasswd $usuario
expect {
           "assword*:" {
                        sleep .5s
                        send "$senha\r"
                        exp_continue
           }
}



This scripts take data of a text file like this:

0334_99:/home/samba/alunos/0334_99:secretword
0812_99:/home/samba/alunos/0812_99:wordsecret
[...]

Because username have to begin with a alfa char and not only numeric
digits we have to put F in front of RA number (user name). This
procedure is taked in caduser.

The script trocapass call passwd and pass to it the password, then it
invoke smbpasswd and pass password to it.

Well, all things go ok, unix account are included in system passwd and
shadow, the password entries in samba+ldap account are updately ok like
show this smbpasswd debug:

---- begin debug file ----
Initialising global parameters
params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf"
Processing section "[global]"
doing parameter ldap server = odin
doing parameter ldap port = 389
doing parameter ldap suffix = "o=fai,c=br"
doing parameter ldap admin dn = "cn=root,o=fai,c=br"
doing parameter ldap ssl = no
doing parameter workgroup = EDUC
doing parameter netbios name = odin
handle_netbios_name: set global_myname to: ODIN
doing parameter server string = FAI - Samba Server
doing parameter printcap name = /etc/printcap
doing parameter load printers = yes
doing parameter log file = /var/log/samba/log.%I
doing parameter max log size = 50
doing parameter security = user
doing parameter null passwords = yes
doing parameter encrypt passwords = yes
doing parameter smb passwd file = /etc/samba/smbpasswd
doing parameter socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
doing parameter os level = 255
doing parameter domain master = yes
doing parameter preferred master = yes
doing parameter domain logons = yes
doing parameter admin users = admmaq
doing parameter name resolve order = host wins lmhosts bcast
doing parameter wins support = yes
doing parameter dns proxy = yes
pm_process() returned Yes
lp_servicenumber: couldn't find homes
set_server_role: ROLE_DOMAIN_PDC
codepage_initialise: client code page = 850
load_client_codepage: loading codepage 850.
Adding chars 0x85 0xb7 (l->u = True) (u->l = True)
Adding chars 0xa0 0xb5 (l->u = True) (u->l = True)
Adding chars 0x83 0xb6 (l->u = True) (u->l = True)
Adding chars 0xc6 0xc7 (l->u = True) (u->l = True)
Adding chars 0x84 0x8e (l->u = True) (u->l = True)
Adding chars 0x86 0x8f (l->u = True) (u->l = True)
Adding chars 0x91 0x92 (l->u = True) (u->l = True)
Adding chars 0x87 0x80 (l->u = True) (u->l = True)
Adding chars 0x8a 0xd4 (l->u = True) (u->l = True)
Adding chars 0x82 0x90 (l->u = True) (u->l = True)
Adding chars 0x88 0xd2 (l->u = True) (u->l = True)
Adding chars 0x89 0xd3 (l->u = True) (u->l = True)
Adding chars 0x8d 0xde (l->u = True) (u->l = True)
Adding chars 0xa1 0xd6 (l->u = True) (u->l = True)
Adding chars 0x8c 0xd7 (l->u = True) (u->l = True)
Adding chars 0x8b 0xd8 (l->u = True) (u->l = True)
Adding chars 0xd0 0xd1 (l->u = True) (u->l = True)
Adding chars 0xa4 0xa5 (l->u = True) (u->l = True)
Adding chars 0x95 0xe3 (l->u = True) (u->l = True)
Adding chars 0xa2 0xe0 (l->u = True) (u->l = True)
Adding chars 0x93 0xe2 (l->u = True) (u->l = True)
Adding chars 0xe4 0xe5 (l->u = True) (u->l = True)
Adding chars 0x94 0x99 (l->u = True) (u->l = True)
Adding chars 0x9b 0x9d (l->u = True) (u->l = True)
Adding chars 0x97 0xeb (l->u = True) (u->l = True)
Adding chars 0xa3 0xe9 (l->u = True) (u->l = True)
Adding chars 0x96 0xea (l->u = True) (u->l = True)
Adding chars 0x81 0x9a (l->u = True) (u->l = True)
Adding chars 0xec 0xed (l->u = True) (u->l = True)
Adding chars 0xe7 0xe8 (l->u = True) (u->l = True)
Adding chars 0x9c 0x0 (l->u = False) (u->l = False)
load_dos_unicode_map: 850
load_unicode_map: loading unicode map for codepage 850.
load_unix_unicode_map: ISO8859-1 (init_done=0, override=0)
load_unicode_map: loading unicode map for codepage ISO8859-1.
ldap_open_connection: starting...
Initializing connection to odin on port 389
ldap_open_connection: connection opened
ldap_connect_system: Binding to ldap server as "cn=root,o=fai,c=br"
ldap_connect_system: succesful connection to the LDAP server
ldap_search_one_user: searching
for:[(&(uid=F1054_00)(objectclass=sambaAccount))]
get_single_attribute: [uid] = [F1054_00]
Entry found for user: F1054_00
get_single_attribute: [pwdLastSet] = [<does not exist>]
get_single_attribute: [logonTime] = [<does not exist>]
get_single_attribute: [logoffTime] = [<does not exist>]
get_single_attribute: [kickoffTime] = [<does not exist>]
get_single_attribute: [pwdCanChange] = [<does not exist>]
get_single_attribute: [pwdMustChange] = [<does not exist>]
get_single_attribute: [cn] = [F1054_00]
get_single_attribute: [homeDrive] = [H:]
get_single_attribute: [smbHome] = [\\odin\1054_00]
get_single_attribute: [scriptPath] = [<does not exist>]
scriptPath fell back to
get_single_attribute: [profilePath] = [\\odin\profiles\1054_00]
get_single_attribute: [description] = [<does not exist>]
get_single_attribute: [userWorkstations] = [<does not exist>]
get_single_attribute: [rid] = [6939]
get_single_attribute: [primaryGroupID] = [1409]
get_single_attribute: [lmPassword] = [<does not exist>]
get_single_attribute: [ntPassword] = [<does not exist>]
get_single_attribute: [acctFlags] = [[UX         ]]
pdb_set_nt_passwd: NT hash non NULL overwritting ?
pdb_set_lanman_passwd: LM hash non NULL overwritting ?
ldap_open_connection: starting...
Initializing connection to odin on port 389
ldap_open_connection: connection opened
ldap_connect_system: Binding to ldap server as "cn=root,o=fai,c=br"
ldap_connect_system: succesful connection to the LDAP server
ldap_search_one_user: searching
for:[(&(uid=F1054_00)(objectclass=sambaAccount))]
Setting entry for user: F1054_00
successfully modified uid = F1054_00 in the LDAP database
Password changed for user F1054_00.
ldap_open_connection: starting...
Initializing connection to odin on port 389
ldap_open_connection: connection opened
ldap_connect_system: Binding to ldap server as "cn=root,o=fai,c=br"
ldap_connect_system: succesful connection to the LDAP server
ldap_search_one_user: searching
for:[(&(uid=F1054_00)(objectclass=sambaAccount))]
get_single_attribute: [uid] = [F1054_00]
Entry found for user: F1054_00
get_single_attribute: [pwdLastSet] = [1030461911]
get_single_attribute: [logonTime] = [2147483647]
get_single_attribute: [logoffTime] = [2147483647]
get_single_attribute: [kickoffTime] = [2147483647]
get_single_attribute: [pwdCanChange] = [2147483647]
get_single_attribute: [pwdMustChange] = [2147483647]
get_single_attribute: [cn] = [F1054_00]
get_single_attribute: [homeDrive] = [H:]
get_single_attribute: [smbHome] = [\\odin\1054_00]
get_single_attribute: [scriptPath] = [<does not exist>]
scriptPath fell back to
get_single_attribute: [profilePath] = [\\odin\profiles\1054_00]
get_single_attribute: [description] = [<does not exist>]
get_single_attribute: [userWorkstations] = [<does not exist>]
get_single_attribute: [rid] = [6939]
get_single_attribute: [primaryGroupID] = [1409]
get_single_attribute: [lmPassword] = [02D093CE93078E8FAAD3B435B51404EE]
get_single_attribute: [ntPassword] = [CAF13C4F321B608B27FD75D2549BA53C]
get_single_attribute: [acctFlags] = [[UX         ]]
Password changed for user F1054_00.

---- end of debug file ----

But, after a random number of entries in senhas2 (txt file that contain
users) have been processed the linux accounts continue to be included
normaly but smbpasswd gets errors like this:

---- begin of debug file ----
Initialising global parameters
params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf"
Processing section "[global]"
doing parameter ldap server = odin
doing parameter ldap port = 389
doing parameter ldap suffix = "o=fai,c=br"
doing parameter ldap admin dn = "cn=root,o=fai,c=br"
doing parameter ldap ssl = no
doing parameter workgroup = EDUC
doing parameter netbios name = odin
handle_netbios_name: set global_myname to: ODIN
doing parameter server string = FAI - Samba Server
doing parameter printcap name = /etc/printcap
doing parameter load printers = yes
doing parameter log file = /var/log/samba/log.%I
doing parameter max log size = 50
doing parameter security = user
doing parameter null passwords = yes
doing parameter encrypt passwords = yes
doing parameter smb passwd file = /etc/samba/smbpasswd
doing parameter socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
doing parameter os level = 255
doing parameter domain master = yes
doing parameter preferred master = yes
doing parameter domain logons = yes
doing parameter admin users = admmaq
doing parameter name resolve order = host wins lmhosts bcast
doing parameter wins support = yes
doing parameter dns proxy = yes
pm_process() returned Yes
lp_servicenumber: couldn't find homes
set_server_role: ROLE_DOMAIN_PDC
codepage_initialise: client code page = 850
load_client_codepage: loading codepage 850.
Adding chars 0x85 0xb7 (l->u = True) (u->l = True)
Adding chars 0xa0 0xb5 (l->u = True) (u->l = True)
Adding chars 0x83 0xb6 (l->u = True) (u->l = True)
Adding chars 0xc6 0xc7 (l->u = True) (u->l = True)
Adding chars 0x84 0x8e (l->u = True) (u->l = True)
Adding chars 0x86 0x8f (l->u = True) (u->l = True)
Adding chars 0x91 0x92 (l->u = True) (u->l = True)
Adding chars 0x87 0x80 (l->u = True) (u->l = True)
Adding chars 0x8a 0xd4 (l->u = True) (u->l = True)
Adding chars 0x82 0x90 (l->u = True) (u->l = True)
Adding chars 0x88 0xd2 (l->u = True) (u->l = True)
Adding chars 0x89 0xd3 (l->u = True) (u->l = True)
Adding chars 0x8d 0xde (l->u = True) (u->l = True)
Adding chars 0xa1 0xd6 (l->u = True) (u->l = True)
Adding chars 0x8c 0xd7 (l->u = True) (u->l = True)
Adding chars 0x8b 0xd8 (l->u = True) (u->l = True)
Adding chars 0xd0 0xd1 (l->u = True) (u->l = True)
Adding chars 0xa4 0xa5 (l->u = True) (u->l = True)
Adding chars 0x95 0xe3 (l->u = True) (u->l = True)
Adding chars 0xa2 0xe0 (l->u = True) (u->l = True)
Adding chars 0x93 0xe2 (l->u = True) (u->l = True)
Adding chars 0xe4 0xe5 (l->u = True) (u->l = True)
Adding chars 0x94 0x99 (l->u = True) (u->l = True)
Adding chars 0x9b 0x9d (l->u = True) (u->l = True)
Adding chars 0x97 0xeb (l->u = True) (u->l = True)
Adding chars 0xa3 0xe9 (l->u = True) (u->l = True)
Adding chars 0x96 0xea (l->u = True) (u->l = True)
Adding chars 0x81 0x9a (l->u = True) (u->l = True)
Adding chars 0xec 0xed (l->u = True) (u->l = True)
Adding chars 0xe7 0xe8 (l->u = True) (u->l = True)
Adding chars 0x9c 0x0 (l->u = False) (u->l = False)
load_dos_unicode_map: 850
load_unicode_map: loading unicode map for codepage 850.
load_unix_unicode_map: ISO8859-1 (init_done=0, override=0)
load_unicode_map: loading unicode map for codepage ISO8859-1.
tdb(unknown): tdb_brlock failed (fd=3) at offset 4 rw_type=1 lck_type=6
ldap_open_connection: starting...
Initializing connection to odin on port 389
ldap_open_connection: connection opened
ldap_connect_system: Binding to ldap server as "cn=root,o=fai,c=br"
ldap_connect_system: succesful connection to the LDAP server
ldap_search_one_user: searching
for:[(&(uid=F0812_99)(objectclass=sambaAccount))]
get_single_attribute: [uid] = [F0812_99]
Entry found for user: F0812_99
get_single_attribute: [pwdLastSet] = [<does not exist>]
get_single_attribute: [logonTime] = [<does not exist>]
get_single_attribute: [logoffTime] = [<does not exist>]
get_single_attribute: [kickoffTime] = [<does not exist>]
get_single_attribute: [pwdCanChange] = [<does not exist>]
get_single_attribute: [pwdMustChange] = [<does not exist>]
get_single_attribute: [cn] = [F0812_99]
get_single_attribute: [homeDrive] = [H:]
get_single_attribute: [smbHome] = [\\odin\0812_99\]
get_single_attribute: [scriptPath] = [<does not exist>]
scriptPath fell back to
get_single_attribute: [profilePath] = [\\odin\profiles\0812_99\]
get_single_attribute: [description] = [<does not exist>]
get_single_attribute: [userWorkstations] = [<does not exist>]
get_single_attribute: [rid] = [7597]
get_single_attribute: [primaryGroupID] = [1409]
init_sam_from_ldap: User [F0812_99] does not ave a uid!
ldap_open_connection: starting...
Initializing connection to odin on port 389
ldap_open_connection: connection opened
ldap_connect_system: Binding to ldap server as "cn=root,o=fai,c=br"
ldap_connect_system: succesful connection to the LDAP server
ldap_search_one_user: searching for:[(&(uid=)(objectclass=sambaAccount))]
No user to modify!
Password changed for user F0812_99.

---- end debug file ----

And no other account can be password changed anymore. The unique
solution is to delete ldap base and begin again from the ldif file
contain users information.

We does not have any idea about was causing this. What is? Any idea?

tanks a lot

Benito and Guilherme
FAI
Adamantina - SP - Brazil

More information about the samba mailing list