[Samba] Re: samba 3.0.4 on SLES8: password sync will not work...(decode_pw_buffer: incorrect password length)

Chris Almond chris_almond at us.ibm.com
Mon May 17 22:21:32 GMT 2004


thanks - I am using a samb3-3.0.4-4 build (src rpm) from sernet.
also, I am actually seeking to get password sync in the other direction 
than that handled by pam_smbpass below.  I want a domain user (say 
running a WinXP client) to change their domain password (w/Samba as 
PDC), and cause this to also change their unix password via password 
sync.  I believe what you describe below is for sync in this direction: 
  /etc/passwd --> /etc/samba/smbpasswd

Because you pointed out PAM as a possible factor in this, I tried 
reading up a little and playing w/PAM settings in smb.conf - no luck - 
still can't sync


 > RRuegner wrote:
>
> Hi you should use the suse rpms , from ftp.suse.com people gd , or get 
> the latest smba packs from sernet ftp,
> yes and of course you have to change /etc/pam.d/login
> with something like this
> #%PAM-1.0
> # password-sync
> #
> # A sample PAM configuration that shows the use of pam_smbpass to make
> # sure private/smbpasswd is kept in sync when /etc/passwd (/etc/shadow)
> # is changed.  Useful when an expired password might be changed by an
> # application (such as ssh).
> auth       requisite        pam_nologin.so
> auth       required         pam_unix.so
> account    required         pam_unix.so
> password   requisite        pam_cracklib.so retry=3
> password   requisite        pam_unix.so shadow md5 use_authtok 
> try_first_pass
> password   required         pam_smbpass.so nullok use_authtok 
> try_first_pass
> session    required         pam_unix.so
> ###################################################################################### 
> 
> so it will work,
> be aware that you will get failure if you client has the latest ms 
> patches which breaks this feature, but it should be ok with the latest 
> version of stable samba ( which you can get at sernets ftp )
> Regards



More information about the samba mailing list