[Samba] Changing password from windows
Sundaram Ramasamy
sun at percipia.com
Tue Dec 30 20:23:01 GMT 2003
Hi,
I am also getting same kind of error message with samab 2.2.8a LDAP PDC.
Here my smb.conf file.
[global]
coding system =
client code page = 850
code page directory = /usr/share/samba/codepages
netbios aliases =
netbios scope =
server string = Percipia PDC Server
interfaces =
bind interfaces only = No
security = USER
encrypt passwords = Yes
update encrypted = No
allow trusted domains = Yes
hosts equiv =
min passwd length = 5
map to guest = Never
null passwords = No
obey pam restrictions = Yes
password server =
smb passwd file = /etc/samba/smbpasswd
root directory =
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password*
%n\n*passwd:*all*authentication*tokens*updated*successfully*
passwd chat debug = Yes
username map =
password level = 0
username level = 0
unix password sync = Yes
restrict anonymous = No
lanman auth = Yes
use rhosts = No
admin log = No
log level = 103
syslog = 1
syslog only = No
log file = /var/log/samba/%m.log
max log size = 50
timestamp logs = Yes
debug hires timestamp = No
debug pid = No
debug uid = No
protocol = NT1
large readwrite = Yes
max protocol = NT1
min protocol = CORE
read bmpx = No
read raw = Yes
write raw = Yes
acl compatibility =
nt smb support = Yes
nt pipe support = Yes
nt status support = Yes
announce version = 4.9
announce as = NT
max mux = 50
max xmit = 16644
name resolve order = lmhosts host wins bcast
max ttl = 259200
max wins ttl = 518400
min wins ttl = 21600
time server = No
unix extensions = No
change notify timeout = 60
deadtime = 0
getwd cache = Yes
keepalive = 300
lpq cache time = 10
max smbd processes = 0
max disk size = 0
max open files = 10000
name cache timeout = 660
read size = 16384
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
stat cache size = 50
use mmap = Yes
total print jobs = 0
load printers = Yes
printcap name = /etc/printcap
disable spoolss = No
enumports command =
addprinter command =
deleteprinter command =
show add printer wizard = Yes
os2 driver map =
strip dot = No
mangling method = hash
character set = ISO8859-1
mangled stack = 50
stat cache = Yes
domain admin group =
domain guest group =
machine password timeout = 604800
add user script = /usr/local/sbin/smbldap-useradd.pl -m -d
/dev/null -g "Domain Computers" -s /bin/false
delete user script =
logon script =
logon path = \\%N\%U\profile
logon drive = H:
logon home = \\%N\%U
domain logons = Yes
os level = 64
lm announce = Auto
lm interval = 60
preferred master = Yes
local master = Yes
domain master = Yes
browse list = Yes
enhanced browsing = Yes
dns proxy = Yes
wins proxy = No
wins server =
wins support = Yes
wins hook =
kernel oplocks = Yes
lock spin count = 3
lock spin time = 10
oplock break wait time = 0
ldap server = 127.0.0.1
ldap port = 389
ldap suffix = "dc=sfgroup,dc=com"
ldap filter = "(&(uid=%u)(objectclass=sambaAccount))"
ldap admin dn = "cn=Manager,dc=sfgroup,dc=com"
ldap ssl = no
add share command =
change share command =
delete share command =
config file =
preload =
lock dir = /var/cache/samba
pid directory = /var/run
utmp directory =
wtmp directory =
utmp = No
default service =
message command =
dfree command =
valid chars =
remote announce =
remote browse sync =
socket address = 0.0.0.0
homedir map = auto.home
time offset = 0
NIS homedir = No
source environment =
panic action =
hide local users = No
host msdfs = No
winbind uid =
winbind gid =
template homedir = /home/%D/%U
template shell = /bin/false
winbind separator = \
winbind cache time = 15
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = No
comment =
path =
alternate permissions = No
username =
guest account = nobody
invalid users =
valid users =
admin users =
read list =
write list =
printer admin =
force user =
force group =
read only = Yes
create mask = 0744
force create mode = 00
security mask = 0777
force security mode = 00
directory mask = 0755
force directory mode = 00
directory security mask = 0777
force directory security mode = 00
force unknown acl user = 00
inherit permissions = No
inherit acls = No
guest only = No
guest ok = No
only user = No
hosts allow =
hosts deny =
status = Yes
nt acl support = Yes
profile acls = No
block size = 1024
max connections = 0
min print space = 0
strict allocate = No
strict sync = No
sync always = No
write cache size = 0
max print jobs = 1000
printable = No
postscript = No
printing = cups
print command = lpr -r -P%p %s
lpq command = lpq -P%p
lprm command = lprm -P%p %j
lppause command =
lpresume command =
queuepause command =
queueresume command =
printer name =
use client driver = No
default devmode = No
printer driver =
printer driver file = /etc/samba/printers.def
printer driver location =
default case = lower
case sensitive = No
preserve case = Yes
short preserve case = Yes
mangle case = No
mangling char = ~
hide dot files = Yes
hide unreadable = No
delete veto files = No
veto files =
hide files =
veto oplock files =
map system = No
map hidden = No
map archive = Yes
mangled names = Yes
mangled map =
browseable = Yes
blocking locks = Yes
csc policy = manual
fake oplocks = No
locking = Yes
oplocks = Yes
level2 oplocks = Yes
oplock contention limit = 2
posix locking = Yes
strict locking = No
share modes = Yes
copy =
include =
exec =
preexec close = No
postexec =
root preexec =
root preexec close = No
root postexec =
available = Yes
volume =
fstype = NTFS
set directory = No
wide links = Yes
follow symlinks = Yes
dont descend =
magic script =
magic output =
delete readonly = No
dos filemode = No
dos filetimes = No
dos filetime resolution = No
fake directory create times = No
vfs object =
vfs options =
msdfs root = No
[homes]
comment = Home Directories
valid users = %S
read only = No
create mask = 0664
directory mask = 0775
browseable = No
Here my password char log message:-
smb_pam_passchange_conv: PAM_PROMPT_ECHO_OFF: trying to match || to
|Enter login(LDAP) password:|
smb_pam_passchange_conv: Could not find reply for PAM prompt: Enter
login(LDAP) password:
PAM: unable to obtain the new authentication token - is password to weak?
smb_pam_error_handler: PAM: Password Change Failed : Authentication
token manipulation error
smb_pam_passchange: PAM: Password Change Failed for user sundaram!
smb_pam_end: PAM: PAM_END OK.
pop_sec_ctx (1023, 100) - sec_ctx_stack_ndx = 1
init_r_chgpasswd_user
_samr_chgpasswd_user: 1270
000000 samr_io_r_chgpasswd_user
0000 status: NT_STATUS_WRONG_PASSWORD
created /tmp/out_api_samr_rpc_55.3.prs
api_rpcTNP: called api_samr_rpc successfully
api_rpcTNP: rpc input buffer underflow (parse error?)
048c : 86 11 19 1b
pop_sec_ctx (1023, 100) - sec_ctx_stack_ndx = 0
free_pipe_context: destroying talloc pool of size 36
write_to_pipe: data_used = 1200
read_from_pipe: 732c name: samr len: 1024
read_from_pipe: samr: fault_state = 0 : data_sent_length = 0,
prs_offset(&p->out_data.rdata) = 4.
000000 smb_io_rpc_hdr hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 02
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0034
000a auth_len : 0010
000c call_id : 00000002
000010 smb_io_rpc_hdr_resp resp
0010 alloc_hint: 00000004
0014 context_id: 0000
0016 cancel_ct : 00
0017 reserved : 00
create_next_pdu: sign: Yes seal: Yes data 4 auth 16
crc32_calc_buffer: eebb0acb
[000] 6A 00 00 C0 j...
00001c smb_io_rpc_hdr_auth hdr_auth
001c auth_type : 0a
001d auth_level : 06
001e stub_type_len: 08
001f padding : 00
0020 unknown : 00000001
000024 smb_io_rpc_auth_ntlmssp_chk auth_sign
0024 ver : 00000001
0028 reserved: 00000000
002c crc32 : eebb0acb
0030 seq_num : 00000003
copy_trans_params_and_data: params[0..0] data[0..52]
size=108
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=1
smb_tid=1
smb_pid=236
smb_uid=100
smb_mid=48128
smt_wct=10
smb_vwv[0]=0 (0x0)
smb_vwv[1]=52 (0x34)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=56 (0x38)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=52 (0x34)
smb_vwv[7]=56 (0x38)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_bcc=53
[000] 00 05 00 02 03 10 00 00 00 34 00 10 00 02 00 00 ........ .4......
[010] 00 04 00 00 00 00 00 00 00 75 D9 E6 97 0A 06 08 ........ .u......
[020] 00 01 00 00 00 01 00 00 00 9E 6F 43 67 0E 07 83 ........ ..oCg...
[030] 4C 75 EA 08 B8 Lu...
write_socket(12,112)
write_socket(12,112) wrote 112
got smb length of 41
got message type 0x0 of len 0x29
Transaction 8 of length 45
size=41
smb_com=0x4
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=24
smb_flg2=18439
smb_tid=1
smb_pid=65279
smb_uid=100
smb_mid=48192
smt_wct=3
smb_vwv[0]=29484 (0x732C)
smb_vwv[1]=65535 (0xFFFF)
smb_vwv[2]=65535 (0xFFFF)
smb_bcc=0
switch message SMBclose (pid 30566)
change_to_user: Skipping user change - already user
search for pipe pnum=732c
pipe name samr pnum=732c (pipes_open=1)
reply_pipe_close: pnum:732c
close_policy_by_pipe: deleted handle list for pipe samr
closed pipe name samr pnum=732c (pipes_open=0)
size=35
smb_com=0x4
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=1
smb_tid=1
smb_pid=65279
smb_uid=100
smb_mid=48192
smt_wct=0
smb_bcc=0
write_socket(12,39)
write_socket(12,39) wrote 39
got smb length of 35
got message type 0x0 of len 0x23
Transaction 9 of length 39
size=35
smb_com=0x71
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=24
smb_flg2=18439
smb_tid=1
smb_pid=65279
smb_uid=100
smb_mid=48256
smt_wct=0
smb_bcc=0
switch message SMBtdis (pid 30566)
created /tmp/SMBtdis.13.req len 39
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
change_to_root_user: now uid=(0,0) gid=(0,0)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
change_to_root_user: now uid=(0,0) gid=(0,0)
rsundaram (192.168.1.140) closed connection to service IPC$
Yielding connection to IPC$
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
change_to_root_user: now uid=(0,0) gid=(0,0)
vfs_ChDir to /
created /tmp/SMBtdis.13.resp len 39
size=35
smb_com=0x71
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=1
smb_tid=1
smb_pid=65279
smb_uid=100
smb_mid=48256
smt_wct=0
smb_bcc=0
write_socket(12,39)
write_socket(12,39) wrote 39
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
change_to_root_user: now uid=(0,0) gid=(0,0)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
change_to_root_user: now uid=(0,0) gid=(0,0)
Closing idle connection
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
change_to_root_user: now uid=(0,0) gid=(0,0)
Closing connections
tdb_unpack(fffdd, 37) -> 37
smb_pam_start: PAM: Init user: sundaram
smb_pam_start: PAM: setting rhost to: 192.168.1.140
smb_pam_start: PAM: setting tty
smb_pam_start: PAM: Init passed for user: sundaram
smb_internal_pam_session: PAM: tty set to: smb/2
smb_pam_end: PAM: PAM_END OK.
Yielding connection to
receive_local_message: doing select with timeout of 1 ms
Server exit (normal exit)
More information about the samba
mailing list