[Samba] Password trouble with LDAP (eDirectory)

Erik Holst Trans eht at it-trans.dk
Wed Jun 9 22:45:52 GMT 2004

Hi Bruce,

Thanks for your replys.

I got i working.. allmost
Think i forgot a few things such as a "root" account in LDAP and 
"adminstrator" account in /etc/passwd.

There is a little thing with join'ed workstations.
I can only login as root, login's on other accounts get a WRONG PASSWORD 
message in the log ?

Windows 9x works great on all accounts.


brucehohl at access-4-free.com wrote:
> Sorry, I have no idea what is causing this problem.  I wish
> you luck in resolving the problem.
> Bruce
> From: Erik Holst Trans <eht at it-trans.dk>
> To: brucehohl at access-4-free.com, samba at lists.samba.org
> Subject: Re: [Samba] Password trouble with LDAP (eDirectory)
> Date: Mon, 07 Jun 2004 11:28:02 +0200
> ----- Original Message Follows -----
>>I just tied to lower the sambaPwdMustChange value, and
>>then the windows
>>   client correctly says the password is expired, and
>>prompts for a new one.
>>But the update fails because the server still does't
>>accept the password
>>  (the old one)
>>So the sambaPwdMustChange shold be fine.
>>Below is the Administrator LDAP entry.
>>I am know that the home path's are wrong, but that shold
>>not have  anything to do with my problem.
>>BTW. the Samba version is 3.0.4
>>Best regards
>>Erik Holst Trans
>>version: 1
>># LDIF Export for: uid=Administrator,o=it-trans
>># Generated by phpLDAPadmin on June 7, 2004 11:17 am
>># Server: SLSS (ldap://
>># Search Scope: base
>># Total Entries: 1
>># Entry 1: uid=Administrator,o=it-trans
>>S-1-5-21-511030576-2330128811-1600862552-512 sambaSID:
>>sambaHomePath: \\SLSS\homes sambaHomeDrive: H:
>>sambaKickoffTime: 2147483647
>>sambaLogoffTime: 2147483647
>>sambaLogonTime: 0
>>sambaPwdMustChange: 2147483647
>>sambaPwdCanChange: 1086598595
>>sambaPwdLastSet: 1086598595
>>sambaAcctFlags: [U]
>>sambaNTPassword: 2D20D252A479F485CDF5E171D93985BF
>>sambaLMPassword: 598DDCE2660D3193AAD3B435B51404EE
>>loginShell: /bin/bash
>>homeDirectory: /home/
>>gecos: Netbios Domain Administrator
>>gidNumber: 512
>>uidNumber: 0
>>uid: Administrator
>>sn: Administrator
>>objectClass: inetOrgPerson
>>objectClass: sambaSamAccount
>>objectClass: posixAccount
>>objectClass: shadowAccount
>>objectClass: organizationalPerson
>>objectClass: Person
>>objectClass: ndsLoginProperties
>>objectClass: Top
>>cn: Administrator
>>ACL: 2#entry#[Public]#messageServer
>>ACL: 2#entry#[Root]#groupMembership
>>ACL: 2#entry#[Root]#networkAddress
>>ACL: 2#subtree#uid=Administrator,o=it-trans#[All
>>Attributes Rights] ACL: 6#entry#uid=Administrator
>>,o=it-trans#loginScript ACL: 6#entry#uid=Administrator
>>brucehohl at access-4-free.com wrote:
>>>From: Erik Holst Trans <eht at it-trans.dk>
>>>To: samba at lists.samba.org
>>>Subject: [Samba] Password trouble with LDAP (eDirectory)
>>>Date: Mon, 07 Jun 2004 02:25:03 +0200
>>>>When i try to logon as a user with the correct password,
>>>>access is  denied and the log says
>>>>   check_ntlm_password:  Authentication for user
>>>>[administrator] ->  [administrator] FAILED with error
>>>Just a quick thought ... has the password expired?
>>>Check ldap attribute sambaPwdMustChange.
>>To unsubscribe from this list go to the following URL and
>>read the instructions:

More information about the samba mailing list