[Samba] ldap passwd sync not working

Fabiano Caixeta Duarte fcd1976 at gmail.com
Tue Feb 12 11:20:14 GMT 2008

Hi, there!

When my XP users try to change passwords, they get a message saying that 
password has been changed. That's not true!

NT and LM passwords are changed but unixPassword isn't.

Look at this openldap.log lines:

Feb 12 07:50:28 apolo slapd[22826]: conn=698021 op=40 MOD 
Feb 12 07:50:28 apolo slapd[22826]: conn=698021 op=40 MOD 
attr=sambaLMPassword sambaLMPassword sambaNTPassword sambaNTPassword 
sambaPwdLastSet sambaPwdLastSet


My smb.conf have this ldap related options:

passdb backend = ldapsam:ldap://apolo.domain
idmap backend = ldapsam:ldap://apolo.domain
ldap suffix = dc=domain
ldap admin dn = cn=root,dc=domain
ldap ssl = start_tls
ldap group suffix = ou=Groups
ldap user suffix = ou=Users
ldap machine suffix = ou=Computers
ldap idmap suffix = ou=Users
ldap passwd sync = yes
add user script = /usr/local/sbin/smbldap-useradd -m "%u"
ldap delete dn = Yes
delete user script = /usr/local/sbin/smbldap-userdel "%u"
add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g"
set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" "%u"

Fabiano Caixeta Duarte
Especialista em Redes de Computadores
Linux User #195299
Ribeirão Preto - SP
(16) 8167-2167

More information about the samba mailing list