[Samba] password sync does not work
gaiseric.vandal at gmail.com
Fri Nov 2 21:15:02 GMT 2007
Samba 3.026a on Solaris PDC.
I am trying to enable password sync. My smb.conf file includes...
passdb backend = tdbsam
passwd program = /usr/bin/passwd -r nis %u
# passwd chat = *New*Password* %n\n *new*Password* %n\n *changed*
# passwd chat = *New*Password* %n\n *Re-enter*new*Password* %n\n *changed*
unix password sync = Yes
passwd chat debug = yes
log level = 5
I have tried with and without "pam password change = yes"
If t try to change my password on an XP client it fails with "you do
not have permission to change your password." If I try to change a
password, as administrator, from a Windows 2000 server with User
Manager for Domains (NT4 tools) I get
"the following error occured changing the properties of the user
johnsmith- Access is denied"
The samba logs for the XP client doesn't show any failures or
rejections. It does show entries like the following, which tool me
look like things are working up to a point.
[2007/11/02 12:25:08, 3] smbd/process.c:switch_message(926)
switch message SMBtconX (pid 17953) conn 0x0
[2007/11/02 12:25:08, 3] smbd/sec_ctx.c:set_sec_ctx(241)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2007/11/02 12:25:08, 5] auth/auth_util.c:debug_nt_user_token(448)
NT user token: (NULL)
[2007/11/02 12:25:08, 5] auth/auth_util.c:debug_unix_user_token(474)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2007/11/02 12:25:08, 5] smbd/uid.c:change_to_root_user(288)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2007/11/02 12:25:08, 4] smbd/reply.c:reply_tcon_and_X(506)
Client requested device type [?????] for share [IPC$]
[2007/11/02 12:25:08, 5] smbd/service.c:make_connection(1205)
making a connection to 'normal' service ipc$
[2007/11/02 12:25:08, 5] lib/username.c:Get_Pwnam_alloc(131)
Finding user fedora
[2007/11/02 12:25:08, 5] lib/username.c:Get_Pwnam_internals(75)
Trying _Get_Pwnam(), username as lowercase is johnsmith
[2007/11/02 12:25:08, 5] lib/username.c:Get_Pwnam_internals(108)
Get_Pwnam_internals did find user [johnsmith]!
[2007/11/02 12:25:08, 3] smbd/service.c:make_connection_snum(806)
Connect path is '/tmp' for service [IPC$]
[2007/11/02 12:25:08, 4] lib/sharesec.c:get_share_security(132)
get_share_security: using default secdesc for IPC$
More information about the samba