[Samba] Change local password on a domain-member
Kees van Vloten
keesvanvloten at gmail.com
Wed Jun 29 19:28:23 UTC 2022
Hi All,
I order to have access to my server when Samba AD is broken for some
reason, I have some accounts defined locally and in AD with the same
UID/GID (not an issue with RFC2307 id-mapping).
Now the passwords are about to expire so I want to change them. The
domain password is simple, my desktop is also domain-member and a simple
'passwd' does the trick.
Then when I ssh to the server and type:
passwd -r files
Current Kerberos password:
it seems to ignore the "-r files" and still tries to change the domain
password. Even from the root user 'passwd -r files user1' changes the
Kerberos password.
cat /etc/nsswitch.conf
# /etc/nsswitch.conf
passwd: files systemd winbind
group: files systemd winbind
shadow: files
gshadow: files
hosts: files dns mymachines
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis
I am running Debian Bullseye with Samba 4.13.13 on the members and
4.16.2 on AD-DCs.
What can I do to force passwd to change the local password?
- Kees
More information about the samba
mailing list