[Samba] centos 5.11 samba3.6.23-6.el5 odd user behaviour

peter lawrie peter.lawrie at glendiscovery.co.uk
Mon Nov 10 07:00:16 MST 2014

No response received to my posting but I have solved it anyway.
I changed everyone's password, but for the two at issue last year.
The passwords for the two at issue had now expired.
Because the system was set up as a workgroup rather than a domain, no
indication of password expiry was given.
It was sheer coincidence that I had a problem with the adsl touter
necessitating its initialisation and firmware update on the day the two
passwords expired.
I only realised it was a password expiry issue when I tried logging in to
the server using SSH as one of the two users.

On 7 November 2014 13:45, peter lawrie <peter.lawrie at glendiscovery.co.uk>

> Hi
> I should have added the following from the error log in /var/log/samba
>   smb_pam_account: PAM: UNKNOWN PAM ERROR (12) during Account Management
> for User: brian
> [2014/11/07 10:30:23.702760,  0] auth/pampass.c:797(smb_pam_accountcheck)
>   smb_pam_accountcheck: PAM: Account Validation Failed - Rejecting User
> brian!
> Peter
> On 7 November 2014 13:41, peter lawrie <peter.lawrie at glendiscovery.co.uk>
> wrote:
>> Hi
>> Centos linux 5.11 server with samba3.6.23-6.el5 with workgroup (not
>> domain)
>> This system has been running for four years with no real issues.
>> There are 9 xp clients all within the workgroup, rather than connected to
>> the domain.
>> The server is used for windows shares and for openwebmail
>> This week I had a problem with the draytek 2820 adsl router.
>> I had to reset it and update to the latest 2014 firmware. - the router
>> does dhcp and dns, not the server.
>> After reconnecting, for some reason two of the users could no longer
>> connect to the server with their usual login and password. The others are
>> fine.
>> I tried smbpasswd -a and -e to reset passwords and enable the user
>> This made no difference.
>> Each workstation has the users normal login and password which matches
>> the samba login names.
>> I created new logins for these two, so instead of brian, I created brian2
>> with the same password.
>> I did not want to mess with the local profile, so now, he logs in as
>> brian, then clicks on each of the shares in windows explorer and enters
>> brian2, - then everything is fine (until he restarts of course)
>> I cannot see anything wrong with the users on samba and nothing was done
>> to the server (apart from a restart) after updating the router.
>> Before I start messing around with the samba, is there any obvious reason
>> for this?
>> smb.conf attached
>> Peter Lawrie

More information about the samba mailing list