[Samba] Password change
Robin G
robinghere3 at gmail.com
Tue Apr 24 13:45:22 UTC 2018
Hi Guys,
We are getting the following error when the users are trying to change the
password from their windows machine: "Configuration information could not
be read from the domain controller, either machine is unavailable or access
is denied"
Our Samba PDC has LDAP backend. We have the following
/etc/ldap/ldap.conf
BASE dc=testdomain
URI ldap://192.168.1.1
TLS_CACERT /etc/ldap/ca_certs.pem
TLS_REQCERT allow
access to attribute=userPassword
by:
access to attrs=userPassword,sambaNTPassword,sambaLMPassword
smb.conf for the smldap-tools bit is here
add user script = /usr/sbin/smbldap-useradd -m '%u'
passwd program = /usr/sbin/smbldap-passwd -u "%u"
passwd chat = "Changing *\nNew password*" %n\n "*Retype new
password* "%n\n"
Have the following in /etc/ldap/slapd.d/cn=config/olcDatabase{1}.hdb
olcAccess: {0}to attrs=userPassword by self write by anonymous auth by *
none
olcAccess: {1}to attrs=shadowLastChange by self write by * read
olcAccess: {2}to * by * read
olcLastMod: TRUE
olcRootDN: cn=admin,dc=testdomain
Couldn't see anything in the /samba/logs so I guess it is an issue with
LDAP?
This is a fairly new setup and don't think it has worked before.
Thank you.
More information about the samba
mailing list