[Samba] password change problem and no logon servers available

Gaiseric Vandal gaiseric.vandal at gmail.com
Wed Aug 8 12:54:43 MDT 2012


I would look at the windows event log.  It may be of help.

Also "nbtstat -a" should show you the IP addresses for the domain , DC's
and master browser.     I found with both Samba and NT4 domains that
using WINS helped-  it shouldn't cause new problems at least.





On 08/08/12 12:17, Florian Scholz wrote:
> I'm not using XP anymore.. and I meant that I applied the
> http://wiki.samba.org/index.php/Windows7 stuff before adding the
> computers to the domain
>
> 2012/8/8 Gaiseric Vandal <gaiseric.vandal at gmail.com
> <mailto:gaiseric.vandal at gmail.com>>
>
>     3.  If you were able to join domain and log in to your PC, then
>     your registry settings should not be an issue.   I meant do you
>     have this problem with XP and Win 7 or only Win 7?
>
>
>
>     On 08/08/12 12:05, Florian Scholz wrote:
>>     1. Only one PDC per subnetwork (physically another town)
>>     2. I don't know if I'm using WINS but I don't think so.
>>     3. Yes, there are some registry settings you have to apply to
>>     Windows 7 to make it compatible with SAMBA 3.6
>>     4.  Yes but I don't get the temporary session message :)
>>     5. The X-flag isn't set.
>>
>>     # ASTA, asta.lan
>>     dn: sambaDomainName=ASTA,dc=asta,dc=lan
>>     objectClass: top
>>     objectClass: sambaDomain
>>     objectClass: sambaUnixIdPool
>>     sambaDomainName: ASTA
>>     sambaSID: S-1-5-21-3963991337-2686100338-2601203207
>>     sambaPwdHistoryLength: 0
>>     sambaMaxPwdAge: -1
>>     sambaLockoutThreshold: 0
>>     sambaRefuseMachinePwdChange: 0
>>     sambaLogonToChgPwd: 0
>>     sambaMinPwdAge: 0
>>     sambaForceLogoff: -1
>>     sambaMinPwdLength: 4
>>     sambaLockoutDuration: 30
>>     sambaLockoutObservationWindow: 30
>>     gidNumber: 1049
>>     sambaNextRid: 1028
>>     uidNumber: 1209
>>
>>
>>     2012/8/8 Gaiseric Vandal <gaiseric.vandal at gmail.com
>>     <mailto:gaiseric.vandal at gmail.com>>
>>
>>         Is this a single domain controller environment (1 PDC) or do
>>         you also
>>         have one or more BDC's?
>>
>>         Are you using WINS?      that should help clients find domain
>>         controllers.
>>
>>         Is there is difference between XP and Windows 7 clients?   As you
>>         probably know,  you can login to a windows machine with cached
>>         credentials even if it is not connected to the network.   I
>>         found with
>>         Windows 7 machines sometimes you may have logged into the
>>         computer with
>>         your network account, the domain controller was not reached,
>>         you get
>>         authenticated with cached credentials and you don't know
>>         there is an
>>         issue until you try changing your password.      This is more
>>         likely to
>>         happen with laptops that may get disconnected and reconnected
>>         from the
>>         network with out doing a complete shutdown 1st.
>>
>>
>>         "pdbedit -Lv username" should show you if the "X" flag is set
>>         for the
>>         user-  if the "X" flag is set the user's password should
>>         never expire
>>         even if the domain policy sets a max password age.
>>
>>         If you have an ldap browser, look at the top level
>>         sambaDomainObject.
>>         There may be  a sambamaxpwdage (n seconds) param.
>>
>>
>>         On 08/08/12 06:12, Florian Scholz wrote:
>>         > Hi,
>>         >
>>         > we are using SAMBA 3.6.1-1 (updating this archlinux machine
>>         is tooo ugly)
>>         > and 3.6.6-1 on archlinux with the LDAP (Server version is
>>         2.4.26-3) backend
>>         > and manage the users, groups and computer by using the
>>         smbldap-tools.
>>         >
>>         > Currently we are experiencing the following problems:
>>         >
>>         > 1. changing the passwords takes longer than 30 seconds <-
>>         That's bad
>>         > because we are using a gigabit ethernet network!
>>         > 2. sometimes windows tells us that the user can't change
>>         their passwords at
>>         > the current point of time
>>         > 3. sometimes windows foces the users to change their
>>         passwords (we never
>>         > told samba to do it!)
>>         > 4. sometimes windows tells us that there are no logon
>>         server available!
>>         >
>>         > Are there any known bugs regarding to these problems? Do
>>         you need further
>>         > information to investigate this problem?
>>         >
>>         > Florian Scholz
>>         >
>>         >
>>
>>
>>         --
>>         To unsubscribe from this list go to the following URL and
>>         read the
>>         instructions:  https://lists.samba.org/mailman/options/samba
>>
>>
>
>
>




More information about the samba mailing list