Fwd: [Samba] Changing LDAP password from Windows XP

Sat Mar 3 16:46:14 GMT 2007

Daniel Müller wrote:

Hi

your smb.conf file seems to be OK, however to be able to sync 
sambapasswords with userPassword try to add

unix password sync = yes

to your smb.conf

Regards,
Marcin

> Hello,
>
> remove the line 'passwd program = /usr/sbin/smbldap-passwd %u'
> for testing.
> On my Suse 10.1 I do not need this and m y users can change their passwords.
>
> greetings
> daniel
>
>
>
>
>
>
> -------- Original-Nachricht --------
> Datum: Fri, 2 Mar 2007 11:55:06 -0600 (CST)
> Von: "Andy Colvin" <acolvin at enkitec.com>
> An: samba at lists.samba.org
> CC: 
> Betreff: [Samba] Changing LDAP password from Windows XP
>
> I've got a very simple setup with Samba 3.0.24 running on Fedora Core 6,
> talking to Fedora Directory Server 1.0.4.  I've got everything set up so
> that I can add computers to the domain, add users using the smbldap-
> tools, and have users logging in.  When a user tries to change their
> password from within Windows (ctrl-alt-del) they get the error 
>
>   "the user name or old password is incorrect.  letters in passwords must
> be typed using the correct case."
>
> The strange thing is that the samba passwords (sambalmpassword,
> sambantpassword) are changed in the LDAP server, but the general account
> password (userpassword) is not changed.  I looked everywhere I could, and
> couldn't find anything to cause this.  I can set passwords just fine using
> smbldap-passwd and it will set all passwords.   
>
> Here is a copy of my smb.conf:
>
> [global]
> workgroup = MAIL
> netbios name = YOURMOM
> security = user
> passdb backend = ldapsam:ldap://mail.yourmom.net
> ldap admin dn = cn=Directory Manager
> ldap suffix = dc=yourmom,dc=net 
> ldap user suffix = ou=People
> ldap idmap suffix = ou=People
> ldap machine suffix = ou=Computers
> ldap group suffix = ou=Groups
> ldap passwd sync = yes
> ldap delete dn = no
> obey pam restrictions = no
> encrypt passwords = yes 
> passwd program = /usr/sbin/smbldap-passwd %u
> add machine script = /usr/sbin/smbldap-useradd -w "%u"
> log file = /var/log/samba/log.%m
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> os level = 255 
> domain logons = yes
> domain master = yes
> local master = yes
> preferred master = yes
> wins support = yes
> template shell = /bin/false
> winbind use default domain = no
> logon path =
> logon home =
>
> [netlogon]
>    comment = Network Logon Service
>    path = /var/lib/samba/netlogon
>    read only = yes 
>    browseable = no
>
> [homes]
>    comment = Home Directories
>    browseable = no 
>    read only = no 
>    guest ok = no 
>    create mode = 0664
>    directory mode = 0775
>
>  
>
> Thanks,
>
>  
>
> Andy Colvin
>
>   