[Samba] incorrect password length when joining domain, need help
Charles Hamel
charles at pingouin.ca
Fri Dec 12 19:01:51 GMT 2003
Hi
I just re-initiated by ldap sam database using smbldap-populate.pl, modified
the Administrator account (uid/gid=0). I can join the domain from a Samba
2.2.7 linux machine, it creates the machine account etc... The problem happens
with Windows 2000 SP2, It tells me wrong user/password. Here is the samba
error : decode_pw_buffer: incorrect password length (-2118884061).
Here is the full log :
Attempting administrator password change (level 23) for user workstation$
[2003/12/12 13:25:57, 0] libsmb/smbencrypt.c:decode_pw_buffer(501)
decode_pw_buffer: incorrect password length (-2118884061).
[2003/12/12 13:25:57, 0] libsmb/smbencrypt.c:decode_pw_buffer(502)
decode_pw_buffer: check that 'encrypt passwords = yes'
[2003/12/12 13:25:57, 5] rpc_parse/parse_prs.c:prs_debug(82)
000000 samr_io_r_set_userinfo
[2003/12/12 13:25:57, 5] rpc_parse/parse_prs.c:prs_ntstatus(665)
0000 status: NT_STATUS_ACCESS_DENIED
[2003/12/12 13:25:57, 5] rpc_server/srv_pipe.c:api_rpcTNP(1549)
api_rpcTNP: called samr successfully
Here is my smb.conf file
[global]
#### ADD SCRIPTS
add machine script = /usr/local/samba/share/smbldap-useradd.pl -w "%u"
add user script = /usr/local/samba/share/smbldap-useradd.pl "%u"
delete user script = /usr/local/samba/share/smbldap-userdel.pl "%u"
add group script = /usr/local/samba/share/smbldap-groupadd.pl "%g"
delete group script = /usr/local/samba/share/smbldap-groupdel.pl "%g"
add user to group script = /usr/local/samba/share/smbldap-groupmod.pl -m "%u" "%g"
delete user from group script = /usr/local/samba/share/smbldap-groupmod.pl -x
"%u" "%g"
set primary group script = /usr/local/samba/share/smbldap-usermod.pl -G "%g" "%u"
null passwords = yes
#unix charset = UTF-8
passdb backend = ldapsam:ldap://localhost/
ldap suffix = o=smb,dc=qc,dc=ca
ldap machine suffix = ou=Computers
ldap user suffix = ou=Users
ldap group suffix = ou=Groups
ldap admin dn = cn=root,o=smb,dc=qc,dc=ca
guest account = nobody
workgroup = LINUX
netbios name = PDC
comment = Server
security = user
encrypt passwords = yes
logon script = scripts\%U.bat
domain logons = Yes
os level = 255
preferred master = Yes
domain master = Yes
#hosts allow = 192.168.0.0/255.255.255.0
share modes = No
wins support = Yes
[homes]
path=/home/domainusers
read only = No
create mask = 0700
directory mask = 0700
locking = No
oplocks = No
[netlogon]
path = /usr/local/samba/netlogon
locking = no
read only = yes
[profiles]
path = /home/domainusers/profiles
read only = no
writeable = yes
create mask = 0600
directory mask = 0700
Here is the LDIF entry of Administrator :
dn: uid=Administrator,ou=Users,o=smb,dc=qc,dc=ca
cn: Administrator
sn: Administrator
objectClass: inetOrgPerson
objectClass: sambaSAMAccount
objectClass: posixAccount
uid: Administrator
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaKickoffTime: 2147483647
sambaPwdCanChange: 0
sambaHomePath: \\PDC\homes
sambaHomeDrive: U:
sambaProfilePath: \\PDC\profiles\
loginShell: /bin/false
gecos: Netbios Domain Administrator
sambaSID: S-1-5-21-3655003630-1527190663-3647191254-1000
sambaPrimaryGroupSID: S-1-5-21-3655003630-1527190663-3647191254-1001
uidNumber: 0
gidNumber: 0
homeDirectory: /
sambaLMPassword: XXXXXXXXXXXXXXXXXXXXXXXXXX (removed)
sambaAcctFlags: [U]
sambaNTPassword: XXXXXXXXXXXXXXXXXXXXXXXXXX (removed)
sambaPwdLastSet: 1071185436
sambaPwdMustChange: 1075073436
userPassword:: XXXXXXXXXXXXXXXXXXXXXXXXXX (removed)
I am running Samba 3.0.1rc1 on Redhat 9.0
Please help me
Thank you
Charles
More information about the samba
mailing list