[Samba] SAMBA / LDAP / Domain Password change problem
John Schmerold
john at katy.com
Mon Nov 29 05:53:30 GMT 2004
I have our Samba server mostly working, however it will not allow me to
change the password on the client desktop or via USRMGR. The error
message we are getting is "the system cannot change your password now
because the domain TOPC is not available". USRMGR reports "Could no find
domain controller for this domain"
Everything is authenticating properly. Any ideas?
I'm running following:
Fedora FC3
Samba 3.0.8pre1-0.pre1.3
smbldap-tools-0.8.5-3
smbstatus says:
Samba version 3.0.8pre1-0.pre1.3
PID Username Group Machine
-------------------------------------------------------------------
3146 Administrator Domain Admins ts1 (192.168.70.11)
3148 sallen Domain Users jevans (192.168.70.21)
Service pid machine Connected at
-------------------------------------------------------
sys 3146 ts1 Sun Nov 28 22:36:49 2004
sys 3148 jevans Sun Nov 28 22:38:50 2004
Our smb.conf is as follows:
[global]
force user=root
workgroup = TOPC
netbios name = FS1
server string = TOPC-FS1
hosts allow = 192.168.70. 192.168.35. 127.
printcap name = /etc/printcap
load printers = yes
cups options = raw
security = user
encrypt passwords = yes
min passwd length = 3
obey pam restrictions = no
unix password sync = Yes
passwd program = /usr/local/sbin/smbldap-passwd -u %u
passwd chat = "Changing password for*\nNew password*" %n\n "*Retype new
password*" %n\n"
ldap passwd sync = Yes
log level = 0
syslog = 0
log file = /var/log/samba/log.%m
max log size = 100000
time server = Yes
username map = /etc/samba/smbusers
admin users= @"Domain Admins"
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
interfaces=eth1, lo
domain logons = yes
dns proxy = no
mangling method = hash2
Dos charset = 850
Unix charset = ISO8859-1
logon script = startup.bat
logon drive = F:
logon home = \\fs1\sys
logon path = \\fs1\sys
domain logons = Yes
os level = 65
preferred master = Yes
domain master = Yes
wins support = Yes
passdb backend = ldapsam:ldap://127.0.0.1/
ldap filter = (&(objectclass=sambaSamAccount)(uid=%u))
ldap admin dn = cn=Manager,dc=twinoakschurch,dc=org
ldap suffix = dc=twinoakschurch,dc=org
ldap group suffix = ou=Groups
ldap user suffix = ou=Users
ldap machine suffix = ou=Computers
ldap idmap suffix = ou=Users
add user script = /usr/local/sbin/smbldap-useradd -m "%u"
ldap delete dn = Yes
#delete user script = /usr/local/sbin/smbldap-userdel "%u"
add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
#delete group script = /usr/local/sbin/smbldap-groupdel "%g"
add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u"
"%g"
set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" "%u"
#============================ Share Definitions
==============================
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
template shell = /bin/false
winbind use default domain = no
[homes]
comment = Home Directories
valid users = %S
writeable = yes
create mask = 0664
directory mask = 0775
browseable = Yes
[netlogon]
comment = Network Logon Service
path = /opt/samba/netlogon
[profiles]
path = /opt/samba/profiles
writeable = yes
writeable = yes
browseable = yes
create mode = 0644
directory mode = 0755
guest ok = yes
[sys]
path = /home/sys
read only = no
public = no
create mode = 0644
directory mode = 0755
--
John Schmerold
Katy Computer & Wireless
20 Meramec Station Rd
Valley Park MO 63088
636-861-6900 v
775-227-6947 f
More information about the samba
mailing list