[Samba] Samba + ldap, acounts expiring? but pdbedit says otherwise

jmailand at lane.k12.or.us jmailand at lane.k12.or.us
Sat Feb 11 01:03:25 GMT 2006 

Apologies if this is a RTFM issue...

My first question is: anyone know of code that can assist in going through samba
logfiles (looking for errors, etc.)?

I have what appears to be a password expiration problem.  User X has been able to
mount a shared drive off the samba box using his login/password.  Suddenly it
doesn't appear to work: he can run "net use Z: \\server\share" from his XP box, it
tries to mount the drive, pops up with an invalid user/pw type of error, prompts for
credentials.  Enter what had been valid credentials, doesn't work.

I ssh over to samba box, run pdbedit -L -v, his account expiration stuff looks like
this:

Logon time:           0
Logoff time:          Mon, 18 Jan 2038 19:14:07 GMT
Kickoff time:         Mon, 18 Jan 2038 19:14:07 GMT
Password last set:    Wed, 11 Jan 2006 00:11:57 GMT
Password can change:  0
Password must change: Fri, 11 Jan 2008 00:11:57 GMT

Also, if I slapcat the ldap morass into a file and check the expiration time it's
also in the future:

sambaPwdMustChange: 1200039117 <- by my calculation the same date as listed above.

We tried again, no soap.  Reset password on server using the smbldap-password
command, drive mounts fine.

You could say that he was typing in the wrong password, but for one he administers a
bunch of machines and is used to typing in passwords, and for two I had to run
through all my users over the course of a couple of days and have them reset their
passwords, same type of thing.

Is there any other place I should be looking for something that would cause
credentials not to work?  I thought PAM, but all the account cruft is in LDAP and
the data therein looks good (e.g. this user doesn't have an entry in /etc/password
or /etc/shadow also).  XP weirdness?  It's probably worth mentioning that we don't
do any kind of policy management on XP, stock xp pro installs from CD.

Samba 3.0.20b
openldap-2.2.13-4
idealx tools 0.9.1
Red Hat AS4

If that matters.

Thanks for any hints or clues where to look!


-- 
Joe Mailander
jmailand at lane.k12.or.us

More information about the samba mailing list