[Samba] ldap+samba user cannot change his password

alphac alphac at email.it
Thu Mar 16 21:15:05 GMT 2006 

Using "ldap password sync=yes" I can modify user password as admin
through "net rpc user password" but if I try to modify it from the user
(net rpc password myuser mypw -U myuser) or from windows (ctrl+alt+del).
I get a timout error:

[2006/03/16 21:52:40, 0] rpc_client/cli_pipe.c:rpc_api_pipe(790)
  rpc_api_pipe: Remote machine alphacserver pipe \samr fnum
0x70e9returned critical error. Error was Call timed out: server did not
respond after 10000 milliseconds
[2006/03/16 21:52:40, 0] libsmb/clientgen.c:cli_rpc_pipe_close(375)
  cli_rpc_pipe_close: cli_close failed on pipe \samr, fnum 0x70e9 to
machine alphacserver.  Error was Call timed out: server did not respond
after 10000 milliseconds

from samba (loglevel 3) logs I see:

  smbldap_open: cannot access LDAP when not root..
[2006/03/16 21:08:38, 1] lib/smbldap.c:another_ldap_try(1051)
  Connection to LDAP server failed for the 15 try!
[2006/03/16 21:08:39, 0] lib/smbldap.c:smbldap_open(922)
  smbldap_open: cannot access LDAP when not root..
[2006/03/16 21:08:39, 0] lib/smbldap.c:smbldap_search_suffix(1346)
  smbldap_search_suffix: Problem during the LDAP search:  (Time limit
exceeded)


from ldap (loglevel 256+128)

Mar 16 21:10:47 samba1 slapd[1993]: => access_allowed: read access to
"uid=test45,ou=Users,dc=vercell1" "sambaPwdLastSet" requested
Mar 16 21:10:47 samba1 slapd[1993]: <= root access granted
Mar 16 21:10:47 samba1 slapd[1993]: => access_allowed: read access to
"uid=test45,ou=Users,dc=vercell1" "userPassword" requested
Mar 16 21:10:47 samba1 slapd[1993]: <= root access granted
Mar 16 21:10:47 samba1 slapd[1993]: conn=3 op=2 SEARCH RESULT tag=101
err=0 nentries=1 text=
Mar 16 21:10:49 samba1 slapd[1993]: conn=3 op=3 MOD
dn="uid=test45,ou=Users,dc=vercell1"
Mar 16 21:10:49 samba1 slapd[1993]: conn=3 op=3 MOD attr=userPassword
Mar 16 21:10:49 samba1 slapd[1993]: <= acl_access_allowed: granted to
database root
Mar 16 21:10:49 samba1 slapd[1993]: conn=3 op=3 RESULT tag=103 err=0 text=
Mar 16 21:10:49 samba1 slapd[1993]: conn=3 op=4 UNBIND
Mar 16 21:10:49 samba1 slapd[1993]: conn=3 fd=18 closed
Mar 16 21:10:56 samba1 slapd[1991]: conn=0 fd=11 closed
Mar 16 21:11:04 samba1 slapd[1991]: conn=1 fd=12 closed
Mar 16 21:11:04 samba1 slapd[1991]: conn=2 fd=15 closed

slapd.conf acl :

access to attrs=userPassword,sambaLMPassword,sambaNTPassword
      by self write
      by anonymous auth
      by * write
access to *
      by self write
      by anonymous auth
      by * write

I granted write to everyone to see if it was an authentication related
matter but it doesn't look so.


that's a really strange behaviour


Can you help me?
-- 
Thanks

More information about the samba mailing list