[Samba] password change problem and no logon servers available

Gaiseric Vandal gaiseric.vandal at gmail.com
Wed Aug 8 10:14:58 MDT 2012 

3.  If you were able to join domain and log in to your PC, then your
registry settings should not be an issue.   I meant do you have this
problem with XP and Win 7 or only Win 7?


On 08/08/12 12:05, Florian Scholz wrote:
> 1. Only one PDC per subnetwork (physically another town)
> 2. I don't know if I'm using WINS but I don't think so.
> 3. Yes, there are some registry settings you have to apply to Windows
> 7 to make it compatible with SAMBA 3.6
> 4.  Yes but I don't get the temporary session message :)
> 5. The X-flag isn't set.
>
> # ASTA, asta.lan
> dn: sambaDomainName=ASTA,dc=asta,dc=lan
> objectClass: top
> objectClass: sambaDomain
> objectClass: sambaUnixIdPool
> sambaDomainName: ASTA
> sambaSID: S-1-5-21-3963991337-2686100338-2601203207
> sambaPwdHistoryLength: 0
> sambaMaxPwdAge: -1
> sambaLockoutThreshold: 0
> sambaRefuseMachinePwdChange: 0
> sambaLogonToChgPwd: 0
> sambaMinPwdAge: 0
> sambaForceLogoff: -1
> sambaMinPwdLength: 4
> sambaLockoutDuration: 30
> sambaLockoutObservationWindow: 30
> gidNumber: 1049
> sambaNextRid: 1028
> uidNumber: 1209
>
>
> 2012/8/8 Gaiseric Vandal <gaiseric.vandal at gmail.com
> <mailto:gaiseric.vandal at gmail.com>>
>
>     Is this a single domain controller environment (1 PDC) or do you also
>     have one or more BDC's?
>
>     Are you using WINS?      that should help clients find domain
>     controllers.
>
>     Is there is difference between XP and Windows 7 clients?   As you
>     probably know,  you can login to a windows machine with cached
>     credentials even if it is not connected to the network.   I found with
>     Windows 7 machines sometimes you may have logged into the computer
>     with
>     your network account, the domain controller was not reached, you get
>     authenticated with cached credentials and you don't know there is an
>     issue until you try changing your password.      This is more
>     likely to
>     happen with laptops that may get disconnected and reconnected from the
>     network with out doing a complete shutdown 1st.
>
>
>     "pdbedit -Lv username" should show you if the "X" flag is set for the
>     user-  if the "X" flag is set the user's password should never expire
>     even if the domain policy sets a max password age.
>
>     If you have an ldap browser, look at the top level sambaDomainObject.
>     There may be  a sambamaxpwdage (n seconds) param.
>
>
>     On 08/08/12 06:12, Florian Scholz wrote:
>     > Hi,
>     >
>     > we are using SAMBA 3.6.1-1 (updating this archlinux machine is
>     tooo ugly)
>     > and 3.6.6-1 on archlinux with the LDAP (Server version is
>     2.4.26-3) backend
>     > and manage the users, groups and computer by using the
>     smbldap-tools.
>     >
>     > Currently we are experiencing the following problems:
>     >
>     > 1. changing the passwords takes longer than 30 seconds <- That's bad
>     > because we are using a gigabit ethernet network!
>     > 2. sometimes windows tells us that the user can't change their
>     passwords at
>     > the current point of time
>     > 3. sometimes windows foces the users to change their passwords
>     (we never
>     > told samba to do it!)
>     > 4. sometimes windows tells us that there are no logon server
>     available!
>     >
>     > Are there any known bugs regarding to these problems? Do you
>     need further
>     > information to investigate this problem?
>     >
>     > Florian Scholz
>     >
>     >
>
>
>     --
>     To unsubscribe from this list go to the following URL and read the
>     instructions:  https://lists.samba.org/mailman/options/samba
>
>

More information about the samba mailing list