[Samba] Problem changing pw from win2k & xp

rmi rmi at open-challenge.nl
Wed Oct 27 09:45:22 GMT 2004


Hi here,

I have the following problem:
I have win98 / Win XP pro / Win2k Pro clients and a samba 3.0.2a server.

When i try and change passwords from a win98 client it all works fine, but when i 
try to change a pw from a win2k or win XP pro client i get a message:

"The system cannot change your password now because the domain GENERAL is not available"
(our domain is called GENERAL)

But now the funny part, when i now login to the system the password has been changed to the new password.
So it does work altho we get the annoying message from windows.

In the log.JTO (name of the client) i see some errors witch im not sure if they have anything to do with this error:

[2004/10/27 11:29:04, 5] passdb/pdb_tdb.c:tdbsam_getsampwrid(327)
 pdb_getsampwrid (TDB): error looking up RID 501 by key RID_000001f5.
 Error: Record does not exist

[2004/10/27 11:29:04, 5] passdb/secrets.c:secrets_fetch_trusted_domain_password(300)
 secrets_fetch failed!

[2004/10/27 11:29:04, 4] libsmb/ntlm_check.c:ntlm_password_check(266)
  ntlm_password_check: Checking NT MD4 password
[2004/10/27 11:29:04, 3] libsmb/ntlm_check.c:ntlm_password_check(282)
  ntlm_password_check: NT MD4 password check failed for user rmi
[2004/10/27 11:29:04, 5] auth/auth.c:check_ntlm_password(271)
  check_ntlm_password: sam authentication for user [rmi] FAILED with error NT_STATUS_WRONG_PASSWORD
[2004/10/27 11:29:04, 3] auth/auth_winbind.c:check_winbind_security(80)
  check_winbind_security: Not using winbind, requested domain [GENERAL] was for this SAM.
[2004/10/27 11:29:04, 10] auth/auth.c:check_ntlm_password(259)
  check_ntlm_password: winbind had nothing to say
[2004/10/27 11:29:04, 2] auth/auth.c:check_ntlm_password(312)
  check_ntlm_password:  Authentication for user [rmi] -> [rmi] FAILED with error NT_STATUS_WRONG_PASSWORD
[2004/10/27 11:29:04, 5] auth/auth_util.c:free_user_info(1278)
  attempting to free (and zero) a user_info structure
[2004/10/27 11:29:04, 10] auth/auth_util.c:free_user_info(1281)
  structure was created for rmi
[2004/10/27 11:29:04, 1] rpc_server/srv_pipe.c:api_pipe_ntlmssp_verify(414)
  api_pipe_ntlmssp_verify: User [GENERAL]\[rmi] from machine JTO failed authentication on named pipe samr.


Does any1 have a clue on how i can resolve this

Thx in advance

Regards,

Raoul

===== smb.conf =====
# Samba config file created using SWAT
# from 192.168.16.188 (192.168.16.188)
# Date: 2004/10/27 11:40:47

# Global parameters
[global]
	display charset = ASCII
	workgroup = GENERAL
	netbios aliases = C001
	server string = Samba Server
	password server = 
	passdb backend = tdbsam:/usr/local/samba/private/passdb.tdb, smbpasswd:/usr/local/samba/private/smbpasswd
	username map = /usr/local/samba/lib/username.map
	log level = 3 passdb:5 auth:10 winbind:2
	log file = /var/log/samba/log.%m
	max log size = 100
	name resolve order = wins lmhosts host bcast
	socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
	load printers = No
	show add printer wizard = No
	add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null %u
	logon path = 
	domain logons = Yes
	os level = 40
	preferred master = Yes
	domain master = Yes
	dns proxy = No
	wins support = Yes
	ldap ssl = no
	idmap uid = 20000-30000
	idmap gid = 20000-30000
	template primary group = oc_med
	template homedir = /opt/oet/home/%D/%U
	admin users = rmi
	dos filemode = Yes

[homes]
	comment = Home Directories
	read only = No
	veto files = /.??*/
	browseable = No

[printers]
	comment = All Printers
	path = /var/spool/samba
	printable = Yes
	browseable = No

[oc_data]
	comment = OCH Data
	path = /opt/oc/oc_data
	admin users = @symas
	read list = @oc_med
	write list = @oc_med
	read only = No
	create mask = 0770
	force create mode = 0770
	security mask = 0770
	directory mask = 0770
	directory security mask = 0770
	veto files = /lost+found/
	hide files = /lost+found/

[oet_data]
	comment = OET Data
	path = /opt/oet/oet_data
	admin users = @symas
	read list = @oc_med
	write list = @oc_med
	read only = No
	create mask = 0770
	force create mode = 0770
	security mask = 0770
	directory mask = 0770
	directory security mask = 0770
	veto files = /lost+found/
	hide files = /lost+found/

[netlogon]
	path = /opt/oc/netlogon
	guest ok = Yes


More information about the samba mailing list