[Samba] Samba & Windows password change

Tait Shrum tshrum at bryant.k12.ar.us
Tue Apr 22 20:43:14 GMT 2003 

We have Samba authenticating to ldap and we want our users to be able to 
change their Samba password from their Windows 98 computers.  We see 
this when we try to change passwords from Windows 98 machines now:
Apr 22 15:34:26 localhost smbd[19796]: [2003/04/22 15:34:26.550425, 0, 
pid=19796, effective(0, 0), real(0, 0)] 
passdb/pdb_ldap.c:ldap_connect_system(316)
Apr 22 15:34:26 localhost smbd[19796]:   ldap_connect_system: Binding to 
ldap server as "cn=Manager,dc=bryantschools,dc=org"
Apr 22 15:34:28 localhost smbd[19796]: [2003/04/22 15:34:28.552698, 0, 
pid=19796, effective(0, 0), real(0, 0)] 
passdb/pampass.c:smb_pam_passchange(865)
Apr 22 15:34:28 localhost smbd[19796]:   smb_pam_passchange: PAM: 
Password Change Failed for user bmsstudent!

We have the following in our smb.conf:   
        [global]
        workgroup = BRYANT
        netbios name = SAMBA
        server string = Bryant Samba File Server
        encrypt passwords = Yes
        passwd chat debug = Yes
        security = user
        os level = 33
        log level = 2
        syslog = 2
        log file = /var/log/samba/log.%m
        max log size = 50
        debug hires timestamp = Yes
        debug pid = Yes
        debug uid = Yes
        time server = Yes
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        logon script = logon.bat
        domain logons = Yes
        preferred master = Yes
        domain master = Yes
        dns proxy = No
        wins support = Yes
        read only = No
        short preserve case = No
        logon drive = Z:
        logon home = \\samba\profile
        logon path = \\samba\profile
        printcap name = cups
        printing = cups
        load printers = Yes
        unix password sync = Yes
#       passwd program = /usr/bin/passwd %u
#        passwd chat = *New* password* %n\n *new* password* %n\n *changed*
#        add user script = /usr/sbin/useradd -d /dev/null -g machines -c 
'Machine Account' -s /bin/false -M %u
        passwd program = /usr/local/sbin/smbldap-passwd.pl %u
        passwd chat = *New*password* %n\n *new*password* %n\n *changed 
successfully*
        ;Samba-LDAP Declarations
        ldap suffix = dc=bryantschools,dc=org
        ldap admin dn = cn=Manager,dc=bryantschools,dc=org
        ldap port = 389
        ldap server = 127.0.0.1
        ldap ssl = no
        add user script = /usr/local/sbin/smbldap-useradd.pl -m -d 
/dev/null -g 1013 -c 'Machine Account' -s /bin/false -M %u
        character set = iso8859-1
        utmp = yes
        pam password change = yes
        null passwords = yes
        oplocks = no
        level2 oplocks = no
        blocking locks = no
        veto files 
=/*.scr/sample.exe/httpodbc.dll/csrss.exe/*.eml/*.nws/*.{*}

Could someone tell me what I'm doing wrong?  Why can't users change 
their passwords from Windows 98?
Thanks,
Tait Shrum

More information about the samba mailing list