[Samba] Can not change password via winbind

nattapon viroonsri nattaponv at hotmail.com
Thu Oct 6 20:22:39 GMT 2005 

OS: Redhat Enterprise Linux V.4 update1
samba-client-3.0.10-1.4E
samba-common-3.0.10-1.4E
system-config-samba-1.2.21-1
samba-common-3.0.10-1.4E
samba-3.0.10-1.4E

### nsswitch.conf ###
passwd: file winbind
group: file winbind
shadow: file winbind

#### /etc/pam.d/system-auth ######
auth        required      /lib/security/$ISA/pam_env.so
auth        sufficient    /lib/security/$ISA/pam_unix.so likeauth nullok
auth        sufficient    /lib/security/$ISA/pam_winbind.so use_first_pass
auth        required      /lib/security/$ISA/pam_deny.so

account     required      /lib/security/$ISA/pam_unix.so broken_shadow
account     sufficient    /lib/security/$ISA/pam_succeed_if.so uid < 100 
quiet
account     [default=bad success=ok user_unknown=ignore] 
/lib/security/$ISA/pam_winbind.so
account     required      /lib/security/$ISA/pam_permit.so

password    requisite     /lib/security/$ISA/pam_cracklib.so retry=3
password    sufficient    /lib/security/$ISA/pam_unix.so nullok use_authtok 
md5 shadow
password    sufficient    /lib/security/$ISA/pam_winbind.so use_authtok
password    required      /lib/security/$ISA/pam_deny.so

session     required      /lib/security/$ISA/pam_limits.so
session     required      /lib/security/$ISA/pam_unix.so

##################################################
I can join window2003 as member server and everything work fine except when 
i try change password for user that i got  from active directory via winbind 
  , output show as below

[root at mail ~]# passwd user1
Changing password for user user1.
Changing password for user1
(current) NT password:
New UNIX password:
Retype new UNIX password:
passwd: System error

#####    /var/log/messages ####
Oct  7 03:00:37 localhost pam_winbind[25244]: user 'user1' granted access
Oct  7 03:00:45 localhost pam_winbind[25244]: request failed: 
NT_STATUS_PASSWORD_RESTRICTION, PAM error was 4, NT error was 
NT_STATUS_PASSWORD_RESTRICTION
Oct  7 03:00:45 localhost pam_winbind[25244]: internal module error (retval 
= 4, user = `user1'

I try to let my users to change to their own password
So have anyway to  change password on Active Directory  in linux box  
command line ?

Regards,
Nattapon

_________________________________________________________________
FREE pop-up blocking with the new MSN Toolbar - get it now! 
http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/

More information about the samba mailing list