[Samba] password change problem and no logon servers available

Florian Scholz florian90 at gmail.com
Wed Aug 8 10:05:42 MDT 2012 

1. Only one PDC per subnetwork (physically another town)
2. I don't know if I'm using WINS but I don't think so.
3. Yes, there are some registry settings you have to apply to Windows 7 to
make it compatible with SAMBA 3.6
4.  Yes but I don't get the temporary session message :)
5. The X-flag isn't set.

# ASTA, asta.lan
dn: sambaDomainName=ASTA,dc=asta,dc=lan
objectClass: top
objectClass: sambaDomain
objectClass: sambaUnixIdPool
sambaDomainName: ASTA
sambaSID: S-1-5-21-3963991337-2686100338-2601203207
sambaPwdHistoryLength: 0
sambaMaxPwdAge: -1
sambaLockoutThreshold: 0
sambaRefuseMachinePwdChange: 0
sambaLogonToChgPwd: 0
sambaMinPwdAge: 0
sambaForceLogoff: -1
sambaMinPwdLength: 4
sambaLockoutDuration: 30
sambaLockoutObservationWindow: 30
gidNumber: 1049
sambaNextRid: 1028
uidNumber: 1209


2012/8/8 Gaiseric Vandal <gaiseric.vandal at gmail.com>

> Is this a single domain controller environment (1 PDC) or do you also
> have one or more BDC's?
>
> Are you using WINS?      that should help clients find domain controllers.
>
> Is there is difference between XP and Windows 7 clients?   As you
> probably know,  you can login to a windows machine with cached
> credentials even if it is not connected to the network.   I found with
> Windows 7 machines sometimes you may have logged into the computer with
> your network account, the domain controller was not reached, you get
> authenticated with cached credentials and you don't know there is an
> issue until you try changing your password.      This is more likely to
> happen with laptops that may get disconnected and reconnected from the
> network with out doing a complete shutdown 1st.
>
>
> "pdbedit -Lv username" should show you if the "X" flag is set for the
> user-  if the "X" flag is set the user's password should never expire
> even if the domain policy sets a max password age.
>
> If you have an ldap browser, look at the top level sambaDomainObject.
> There may be  a sambamaxpwdage (n seconds) param.
>
>
> On 08/08/12 06:12, Florian Scholz wrote:
> > Hi,
> >
> > we are using SAMBA 3.6.1-1 (updating this archlinux machine is tooo ugly)
> > and 3.6.6-1 on archlinux with the LDAP (Server version is 2.4.26-3)
> backend
> > and manage the users, groups and computer by using the smbldap-tools.
> >
> > Currently we are experiencing the following problems:
> >
> > 1. changing the passwords takes longer than 30 seconds <- That's bad
> > because we are using a gigabit ethernet network!
> > 2. sometimes windows tells us that the user can't change their passwords
> at
> > the current point of time
> > 3. sometimes windows foces the users to change their passwords (we never
> > told samba to do it!)
> > 4. sometimes windows tells us that there are no logon server available!
> >
> > Are there any known bugs regarding to these problems? Do you need further
> > information to investigate this problem?
> >
> > Florian Scholz
> >
> >
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

More information about the samba mailing list