[Samba] Changing LDAP userPassword fails: Internal (implementation
specific) error
Adam Tauno Williams
adamtaunowilliams at gmail.com
Sun Feb 22 19:02:15 GMT 2009
openldap-2.3.27-8.el5_2.4,samba3-3.2.8-38
An smbpasswd by root to change a user's password fails with:
[root at littleboy samba]# smbpasswd adam
New SMB password:
Retype new SMB password:
ldapsam_modify_entry: LDAP Password could not be changed for user adam:
Internal (implementation specific) error
password hash failed
Failed to modify entry for user adam.
Failed to modify password entry for user adam
This changes the Samba password but fails to change the user's
userPassword (LDAP sync) password. But I can "manually" change the
password using the DC's bind DN and password:
# ldappasswd -S -H ldapi://%2fvar%2frun%2fldap2.4%2fldapi -vvvvvvvvv -x
-W -D "uid=CIFSDC,ou=System,ou=Entities,ou=SAM,o=Morrison
Industries,c=US" "cn=Adam
Williams,ou=People,ou=Entities,ou=SAM,o=Morrison Industries,c=US"
New password:
Re-enter new password:
Enter LDAP Password:
ldap_initialize( ldapi://%2fvar%2frun%2fldap2.4%2fldapi )
Result: Success (0)
Samba LDAP configuration:
passdb backend = ldapsam:ldapi://%2fvar%2frun%2fldap2.4%2fldapi
ldap ssl = no
ldap admin dn = uid=CIFSDC,ou=System,ou=Entities,ou=SAM,o=Morrison
Industries,c=US
ldap suffix = o=Morrison Industries,c=US
ldapsam:trusted = yes
ldap passwd sync = Yes
Oddly, attempting to change the password AS THE USER fails with a
different error message, either via smbpasswd or via the password change
dialog on a Win32 workstation:
bash-3.2$ smbpasswd -U adam
Old SMB password:
New SMB password:
Retype new SMB password:
machine 127.0.0.1 rejected the (anonymous) password change: Error was :
Wrong Password.
Failed to change password for adam
It always just says the user's password is wrong, although the user can
login, navigate, etc...
Is this https://bugzilla.samba.org/show_bug.cgi?id=5886 ?
More information about the samba
mailing list