[Samba] incorrect password length

fde filiderba at email.it
Wed Oct 17 13:24:59 GMT 2007

Hi, I have a samba PDC with openldap, it works well but I have a
problem. When the user change the password from Windows XP I see the
following error on the log file:

  init_group_from_ldap: Entry found for group: 1101
[2007/10/17 14:23:22, 2] passdb/pdb_ldap.c:init_group_from_ldap(2140)
  init_group_from_ldap: Entry found for group: 1101
[2007/10/17 14:23:22, 0] libsmb/smbencrypt.c:decode_pw_buffer(520)
  decode_pw_buffer: incorrect password length (-855035467).
[2007/10/17 14:23:22, 0] libsmb/smbencrypt.c:decode_pw_buffer(521)
  decode_pw_buffer: check that 'encrypt passwords = yes'

Obviuosly in the smb.conf I have "encrypt passwords = yes" or I have not
any 'encrypt passwords = yes' ...
The windows xp client receive a password length error and the account
become locked..
here my smb.conf

        workgroup = MYDOMAIN
        server string = %h
        interfaces = eth0, lo
        bind interfaces only = Yes
        passdb backend = ldapsam:ldap://
        passwd chat = *New*password* %n\n *Retype*new*password:* %n\n
        username map = /etc/samba/smbusers
        enable privileges = yes
        unix password sync = Yes
        log level = 2
        log file = /var/log/samba/%I.log
        max log size = 10000
        name resolve order = wins lmhosts hosts bcast
        time server = Yes
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        ldap admin dn = cn=admin,dc=mydomain,dc=com
        ldap ssl = off
        ldap passwd sync = Yes
        ldap suffix = dc=mydomain,dc=com
        ldap machine suffix = ou=Machines
        ldap user suffix = ou=People
        ldap group suffix = ou=Group
        ldap idmap suffix = ou=People
        encrypt passwords = yes
        add user script = /usr/sbin/smbldap-useradd -m "%u"
        passwd program = /usr/sbin/smbldap-passwd "%u"
        template shell = /bin/false
        #add user script = /usr/sbin/smbldap-useradd -a -m "`echo "%u" |
tr '[:upper:]' '[:lower:]'`"
        ldap delete dn = yes
        delete user script = /usr/sbin/smbldap-userdel %u
        delete user from group script = /usr/sbin/smbldap-groupmod -x "%
u" "%g"
        add group script = /usr/sbin/smbldap-groupadd -p "%g"
        delete group script = /usr/sbin/smbldap-groupdel "%g"
        add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%
        add machine script = /usr/sbin/smbldap-useradd -w "%m"
        set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%
        logon script = %G.bat
        logon path = 
        logon drive = O:
        domain logons = Yes
        os level = 64
        preferred master = Yes
        domain master = Yes
        dns proxy = No
        wins support = Yes
        recycle:repository = .recycle/%U
        recycle:version = True
        recycle:touch = False
        recycle:keeptree = True
        recycle:exclude = *.tmp *.temp *.TMP *.TEMP ~$*
        recycle:maxsize = 0
        case sensitive = No
        hide unreadable = Yes
        vfs object = recycle 
        veto oplock files = /*.doc/*.xls/*.mdb/*.DOC/*.XLS/

 Email.it, the professional e-mail, gratis per te: http://www.email.it/f
 In REGALO un GIOCO! Scegli GPBikes 3D,Bubble Boom, Rock City Empire
 Clicca qui: http://adv.email.it/cgi-bin/foclick.cgi?mid=6732&d=17-10

More information about the samba mailing list