[Samba] password sync does not work

Gaiseric Vandal gaiseric.vandal at gmail.com
Fri Nov 2 21:15:02 GMT 2007

Samba 3.026a on Solaris PDC.

I am trying to enable password  sync.  My smb.conf file includes...

        passdb backend = tdbsam
        passwd program =  /usr/bin/passwd -r nis  %u
#       passwd chat = *New*Password* %n\n *new*Password* %n\n *changed*
#       passwd chat = *New*Password* %n\n *Re-enter*new*Password* %n\n *changed*
        passwd chat=*New\sPassword:\s%n\nRe-enter\snew\sPassword:\s%n\npasswd:\spassword\ssucc
        unix password sync = Yes
        passwd chat debug = yes
        log level = 5

I have tried with and without  "pam password change = yes"

If t try to change my password on an  XP client it fails with "you do
not have permission to change your password."  If I try to change a
password, as administrator, from a Windows 2000 server with User
Manager for Domains (NT4 tools)  I get

"the following error occured changing the properties of the user
johnsmith- Access is denied"

The samba logs for the XP client doesn't show any failures or
rejections.  It does show entries like the following, which tool me
look like things are working up to a point.

[2007/11/02 12:25:08, 3] smbd/process.c:switch_message(926)

  switch message SMBtconX (pid 17953) conn 0x0

[2007/11/02 12:25:08, 3] smbd/sec_ctx.c:set_sec_ctx(241)

  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0

[2007/11/02 12:25:08, 5] auth/auth_util.c:debug_nt_user_token(448)

  NT user token: (NULL)

[2007/11/02 12:25:08, 5] auth/auth_util.c:debug_unix_user_token(474)

  UNIX token of user 0

  Primary group is 0 and contains 0 supplementary groups

[2007/11/02 12:25:08, 5] smbd/uid.c:change_to_root_user(288)

  change_to_root_user: now uid=(0,0) gid=(0,0)

[2007/11/02 12:25:08, 4] smbd/reply.c:reply_tcon_and_X(506)

  Client requested device type [?????] for share [IPC$]

[2007/11/02 12:25:08, 5] smbd/service.c:make_connection(1205)

  making a connection to 'normal' service ipc$

[2007/11/02 12:25:08, 5] lib/username.c:Get_Pwnam_alloc(131)

  Finding user fedora

[2007/11/02 12:25:08, 5] lib/username.c:Get_Pwnam_internals(75)

  Trying _Get_Pwnam(), username as lowercase is johnsmith
[2007/11/02 12:25:08, 5] lib/username.c:Get_Pwnam_internals(108)

  Get_Pwnam_internals did find user [johnsmith]!

[2007/11/02 12:25:08, 3] smbd/service.c:make_connection_snum(806)

  Connect path is '/tmp' for service [IPC$]

[2007/11/02 12:25:08, 4] lib/sharesec.c:get_share_security(132)

  get_share_security: using default secdesc for IPC$


More information about the samba mailing list