[Samba] Samba / Ldap Password Issues - bump ;-)

Matthias Spork hallo at matthiasspork.de
Mon Apr 12 19:11:23 GMT 2004


Hello jamie,

in Samba 3 the LDAP-Schema has changed. In example: lmPassword has 
changed to sambaLMPassword

Please read this first: 
http://de.samba.org/samba/docs/man/upgrading-to-3.0.html

matze


> Sorry to repost this question.. But I am at my wits end.. The server has
> been off line for 2 weeks. So I will have to downgrade to samba 2.X by the
> end of the day unless a miracle happens ;)
> 
> I'm having some issues with samba 3 and my ldap passwords. First I'll tell
> you what I'm working with.
> 
> Ldap server is RH 7.3 and openldap 2.0.25 DBM
> 
> Samba 3.0.2a-1 using ldapsam_compat (Compiled from RPM source by me ) on
> RHEL 3
> 
> Samba 2.2.8-1.ldap on RH9
> 
> --------------
> The Samba 2 works great. Auth against ldap no problem, has been for over a
> year.
> 
> The Samba 3 does not work.. Well not really. If I change the users password
> using smbldap-passwd.pl (or the ldap webmin module) to the same (or
> - Jamie
> 
>  different) password they had before it works.
> 
> When I look at the nt and lan hashes in the ldap records they have not
> changed!
> 
> It's almost like I need to some how touch the ldap record for it to work
> 
> This is really confusing.. Any one have an idea?
> 
> - Jamie
> 
> 
> Heres a sample LDIF record
> 
> dn: uid=mimc08,ou=People,dc=newberg,dc=k12,dc=or,dc=us
> shadowLastChange: 12370
> ridctClass: sambaAccount
> objectClass: top
> objectClass: shadowAccount
> objectClass: inetorgperson
> objectClass: apple-user
> objectClass: extensibleObject
> objectClass: newberg
> lmPassword: 57E3A052197F90B0AAD3B435B51404EE
> homeDirectory: /data/students/mimc08
> ntPassword: DF32985352318202CC224ECFD06B0599
> cn: Millen Mc
> sn: null
> loginShell: /bin/false
> uid: mimc08
> 
> -------
> 
> Heres a copy of my smb.conf
> 
> # Samba config file created using SWAT
> # from 0.0.0.0 (0.0.0.0)
> # Date: 2004/04/05 14:33:34
> 
> # Global parameters
> [global]
>         log level = 10
>         wins support = Yes
>         ldap server = ldap.newberg.k12.or.us
>         ldap port = 389
>         passdb backend = ldapsam_compat:ldap://ldap.newberg.k12.or.us/,
> guest
>         ldap suffix = dc=newberg,dc=k12,dc=or,dc=us
>         ldap admin dn = uid=root,ou=People,dc=newberg,dc=k12,dc=or,dc=us
>         ldap ssl = no
> 
> [homes]
>         valid users = %S
>         read only = No
>         browseable = No
> 
> 
> 
: 11126
> primaryGroupID: 11127
> acctFlags: [U          ]
> gecos: Millen Mc
> uidNumber: 5063
> userPassword: {crypt}PIsNAk2Yp2XmU
> gidNumber: 501
> objectClass: account
> objectClass: posixAccount
> obje


More information about the samba mailing list