[Samba] "ldap passwd sync" not working

Adam Tauno Williams awilliam at whitemice.org
Sat Feb 5 19:25:35 GMT 2005


> ---- samba 3.0.11 ----
> [root at bases samba]# smbpasswd -D 3 test
> Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=DOMAIN))]
> smbldap_open_connection: connection opened
> smbldap_check_root_dse: Expected one rootDSE, got 0
> ldap_connect_system: succesful connection to the LDAP server
> ldap_connect_system: LDAP server does not support paged results
> New SMB password:
> Retype new SMB password:
> smbldap_open_connection: connection opened
> smbldap_check_root_dse: Expected one rootDSE, got 0
> ldap_connect_system: succesful connection to the LDAP server
> ldap_connect_system: LDAP server does not support paged results
> init_sam_from_ldap: Entry found for user: test
> init_ldap_from_sam: Setting entry for user: test
> smbldap_open_connection: connection opened
> smbldap_check_root_dse: Expected one rootDSE, got 0
> ldap_connect_system: succesful connection to the LDAP server
> ldap_connect_system: LDAP server does not support paged results
> smbldap_check_root_dse: Expected one rootDSE, got 0
> ldap password change requested, but LDAP server does not support it -- 
> ignoring
> ldapsam_update_sam_account: successfully modified uid = test in the LDAP 
> database
> --------
> Why samba-3.0.6 can sync password and samba-3.0.11 say that may LDAP 
> server does not support it? Any ideas?

My guess: the behaviour of 3.0.11 is more correct, and something is
clearly wrong with your DSA - the client cannot read the rootDSE.
Possibly you've got an ACL doing something you don't intend;  it doesn't
look like a Samba problem.  The rootDSE is used to determine features
supported by the DSA, included the password-modify extended operation.



More information about the samba mailing list