[Samba] Authentication problem after upgrade to

David Hoskinson david.hoskinson at datatrak.net
Mon Jun 18 10:14:22 MDT 2012

After upgrade from samba-3.0.33 to samba3-3.6.3-44.el5 we are receiving constraint errors when creating new users on ldap.

I am able to create the ldap user and password without any problem then my script just does a smbpasswd -a for the new user with the same password as ldap and I receive the following message:

Creating samba user account...
smbldap_search_domain_info: Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=EXAMPLE))]
smbldap_open_connection: connection opened
New SMB password:Password
Retype new SMB password:Password
smbldap_search_domain_info: Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=EXAMPLE))]
init_ldap_from_sam: Setting entry for user: test3
ldapsam_add_sam_account: added: uid == test3 in the LDAP database
init_sam_from_ldap: Entry found for user: test3
init_ldap_from_sam: Setting entry for user: test3
ldapsam_modify_entry: LDAP Password could not be changed for user test3: Constraint violation
        Failed to update password

Shouldn't the complexity and history of the passwords be stored in ldap?  In the past before the upgrade this worked fine.

We are using 389 directory server for our ldap authentication and are running version 389-ds-base-

This is a sanitized password, the real ones do match the complexity rules but still fail

We have 2 identical environments and both of them are behaving in the same manner after the upgrade

Thanks ahead of time for any help/suggestions

More information about the samba mailing list