[Samba] You do not have permission to change your password

Brandon Turner brandon at msc.tamu.edu
Sun Apr 18 19:09:29 GMT 2004

We recently migrated from WindowsNT to Samba 3.0.2a.  After about two
months, we have started to notice a weird problem.  As user's passwords
expire, they are prompted to change them.  When they attempt to do so
from Windows, they get a message saying "You do not have permission to
change your password".  However, the password IS changed.  Both the
Samba and LDAP Linux passwords are changed correctly, as well as the
samba attributes (such as sambaPasswordLastSet, etc.)  Sometimes we
notice the following entry in our Samba logs:


[2004/04/17 18:13:26, 0] smbd/chgpasswd.c:check_oem_password(832)

  check_oem_password: incorrect password length (-800397408).


However sometimes this message does not appear.  When we first installed
Samba, we forced users to change their passwords from Windows and this
worked fine.  However, now 2 months later as their passwords are
beginning to expire, this error is occurring for ALL users.  The
password is ALWAYS changed however, so I am totally lost as to what is
going on.  We have not changed any settings (that we know of) since when
password changing was working and when it stopped.


I've seen a lot of posts in the past about the error message we are
receiving, however nothing substantial.  The password DOES change, so if
the packet is being decrypted wrong (the common error of several posts)
then how does Samba know what the new password is.


If you have any idea what is going on, please help.


Brandon Turner

MSC Computer Operations

Texas A&M University

More information about the samba mailing list