[Samba] Error when changing domain password in Windows XP
walk2sun at arcor.de
Fri May 27 05:42:34 MDT 2011
On 13:34:29 wrote Torkil Svensgaard:
> On 2011-05-26 15:29, Harry Jede wrote:
> > On 15:24:57 wrote Torkil Svensgaard:
> >> On 2011-05-26 13:10, Gaiseric Vandal wrote:
> >>> Do you have a password change chat script configured and defined
> >>> in smb.conf ?
> >> I've tried the following two, as well as the default blank, same
> >> result in all cases.
> >> passwd program = /usr/sbin/smbldap-passwd %u
> >> passwd program = /usr/bin/passwd %u
> >> Either works when run manually as root.
> > then you should check the ACLs in openldap
> Could you eloborate on that? The ACLs allow my admin user read and
> write access, the same admin user defined by "ldap admin dn" in
from your previous posted log:
[2011/05/26 12:22:14.392666, 5] lib/smbldap.c:1556(smbldap_modify)
smbldap_modify: dn => [uid=torkil,ou=Users,dc=drcmr,dc=local]
[2011/05/26 12:22:14.392990, 10] lib/smbldap.c:1576(smbldap_modify)
Failed to modify dn: uid=torkil,ou=Users,dc=drcmr,dc=local, error: 16
(No such attribute) (modify/delete: sambaNTPassword: no such value)
I asume that this log comes from the user torkil and NOT from root.
It looks that torkil can not read his own field sambaNTPassword.
maybe an ldapsearch can help:
ldapsearch -x -LLL -D "uid=torkil,ou=Users,dc=drcmr,dc=local" -W -b "ou=Users,dc=drcmr,dc=local" "uid=torkil"
> I'm wondering if the problem could be of timing, that first PAM
> changes the password in LDAP and then samba tries to do the same, but
> with the old password, like suggested here:
More information about the samba