[Samba] check_oem_password: incorrect password length

Roberto Morelli r.morelli at usl11.toscana.it
Thu Apr 15 10:59:25 GMT 2004

Hi everybody,
I'm an italian system administration (newbie about Samba).
I have installed on Mandrake 9.1 the rpm samba3-*-3.0.2a downloaded from 
a Samba.org's mirror.
I have configured a PDC based on ldapsam (OpenLDAP 2.1.29) that works 
fine, i use smbldap tools to manage sincronization account.

Now the problem, when I try from my W2000 Workstation to change my 
domain password I reach a error message:
UserName or Old password are wrong....Obviously these are right, not wrong.

Analizing samba log this is the message that I found:
[2004/04/15 12:07:29, 0] smbd/chgpasswd.c:check_oem_password(832)
  check_oem_password: incorrect password length (1211185023).

My old password is of  7 chars, the new of 8 chars but I have the same 
problems with password of other lengths, less and more.

If I try to change the password with:
smbpasswd -U <username> -r <PDC> i get this message on video

machine <PDC> rejected the password change: Error was : RAP86: The 
specified pas
sword is invalid.
Failed to modify password entry for user <username>

This is the section of Samba's log about this operation
[2004/04/15 12:40:00, 2] passdb/pdb_ldap.c:init_ldap_from_sam(769)
  init_ldap_from_sam: Setting entry for user: <username>
[2004/04/15 12:40:00, 1] passdb/pdb_ldap.c:ldapsam_modify_entry(1217)
  ldapsam_modify_entry: Failed to modify user dn= 
c=net with: No such attribute
        modify/delete: sambaPwdMustChange: no such value
[2004/04/15 12:40:00, 0] passdb/pdb_ldap.c:ldapsam_update_sam_account(1417)
  ldapsam_update_sam_account: failed to modify user with uid = 
<username>, error: mo
dify/delete: sambaPwdMustChange: no such value (Success)
[2004/04/15 12:40:00, 2] smbd/server.c:exit_server(558)
  Closing connections

Obviously the sambaPwdMustChange attribute is one of the entry, it's 
value has no sense for me but it's present.

This is a section of my smb.conf :

workgroup = USL11-NT
netbios name = Icaro
server string = Samba Server %v
log file = /var/log/samba3/log.%m
max log size = 50
log level = 2
map to guest = bad user
security = user
encrypt passwords = yes
unix password sync = Yes
passwd program = /usr/bin/smbldap-passwd3 -o %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n 
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
os level = 65
domain master = yes
preferred master = yes
domain logons = yes
add user script = /usr/bin/smbldap-useradd3 -m "%u"
 delete user script = /usr/bin/smbldap-serdel3 "%u"
 add group script = /usr/bin/smbldap-groupadd3 -p "%g"
 delete group script = /usr/bin/smbldap-groupdel3 "%g"
 add machine script = /usr/bin/smbldap-useradd3 -w "%u"
passdb backend = ldapsam:ldap://
 ldap admin dn = "cn=Manager,dc=usl11,dc=net"
; ldap ssl = start_tls
 ldap ssl = off
 ldap suffix = dc=usl11,dc=net
 ldap group suffix = ou=Groups
 ldap user suffix = ou=Users
 ldap machine suffix = ou=Computer

Please, help me...
Thanks in advance for your help

Roberto Morelli
Azienda U.S.L. 11 Empoli

More information about the samba mailing list