[Samba] changing ldap passwords?
tyler at beloit.edu
Mon Jan 24 22:57:58 GMT 2005
Ok, but I seem to get this error when using smbpasswd
# smbpasswd goliath
New SMB password:
Retype new SMB password:
ldapsam_modify_entry: Failed to modify user dn=
uid=goliath,ou=People,dc=lincon,dc=beloit,dc=edu with: Insufficient access
ldapsam_update_sam_account: failed to modify user with uid = goliath,
Failed to modify entry for user goliath.
Failed to modify password entry for user goliath
I am not sure what I am doing wrong in my setups. Does this acl in
ldap's slapd.conf look ok?
access to attr=sambaLMPassword,sambaNTPassword
by * none
What about this as the account for samba password administration (ldif format)?
# samba_servers, People, lincon.beloit.edu
description: Account used by Samba servers to access user passwords
Any idea why I might be getting the error above?
At 04:05 PM 1/24/2005, you wrote:
>smbpassword should work fine for modifying the LM/NT passwords.
>Also, if your using Fedora or Redhat Enterprise server you might wish
>to check out a program we have written: www.Essay-Software.com
>Essay Software, LLC
>Tim Tyler wrote:
>> Samba experts,
>> I am using Samba 3.0.8 on an AIX 5.1 system with ldap
>> authentication. I have ldap working so that users can authenticate in
>> their samba account via ldap. However, I am trying to figure out the
>> best method for allowing users to change their ldap samba account password.
>> What is the best method to allow end users to change their LM/NT
>> passwords for Samba via LDAP?
>>Should I be using smbpasswd? Or should I be using the smbldap-tools and
>>use smbldap-passwd.pl? Or is there another option?
>>Also, what do I need to set for privileges (ACL's) on the ldap server
>>side to allow users to change their samba password (if any)?
>> Any recommendations and hints about implementing it are much appreciated!
>>Network Engineer - Beloit College
>>tyler at beloit.edu
Network Engineer - Beloit College
tyler at beloit.edu
More information about the samba