Fwd: [Samba] Changing LDAP password from Windows XP

"Daniel Müller" danielmueller9 at gmx.net
Sat Mar 3 16:33:44 GMT 2007


remove the line 'passwd program = /usr/sbin/smbldap-passwd %u'
for testing.
On my Suse 10.1 I do not need this and m y users can change their passwords.


-------- Original-Nachricht --------
Datum: Fri, 2 Mar 2007 11:55:06 -0600 (CST)
Von: "Andy Colvin" <acolvin at enkitec.com>
An: samba at lists.samba.org
Betreff: [Samba] Changing LDAP password from Windows XP

I've got a very simple setup with Samba 3.0.24 running on Fedora Core 6,
talking to Fedora Directory Server 1.0.4.  I've got everything set up so
that I can add computers to the domain, add users using the smbldap-
tools, and have users logging in.  When a user tries to change their
password from within Windows (ctrl-alt-del) they get the error 

  "the user name or old password is incorrect.  letters in passwords must
be typed using the correct case."

The strange thing is that the samba passwords (sambalmpassword,
sambantpassword) are changed in the LDAP server, but the general account
password (userpassword) is not changed.  I looked everywhere I could, and
couldn't find anything to cause this.  I can set passwords just fine using
smbldap-passwd and it will set all passwords.   

Here is a copy of my smb.conf:

workgroup = MAIL
netbios name = YOURMOM
security = user
passdb backend = ldapsam:ldap://mail.yourmom.net
ldap admin dn = cn=Directory Manager
ldap suffix = dc=yourmom,dc=net 
ldap user suffix = ou=People
ldap idmap suffix = ou=People
ldap machine suffix = ou=Computers
ldap group suffix = ou=Groups
ldap passwd sync = yes
ldap delete dn = no
obey pam restrictions = no
encrypt passwords = yes 
passwd program = /usr/sbin/smbldap-passwd %u
add machine script = /usr/sbin/smbldap-useradd -w "%u"
log file = /var/log/samba/log.%m
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
os level = 255 
domain logons = yes
domain master = yes
local master = yes
preferred master = yes
wins support = yes
template shell = /bin/false
winbind use default domain = no
logon path =
logon home =

   comment = Network Logon Service
   path = /var/lib/samba/netlogon
   read only = yes 
   browseable = no

   comment = Home Directories
   browseable = no 
   read only = no 
   guest ok = no 
   create mode = 0664
   directory mode = 0775




Andy Colvin

To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

"Feel free" - 5 GB Mailbox, 50 FreeSMS/Monat ...
Jetzt GMX ProMail testen: www.gmx.net/de/go/mailfooter/promail-out

More information about the samba mailing list