Missing sambaLMPassword in machines account entries in
Samba-LDAP
Andrew Bartlett
abartlet at samba.org
Thu Jun 17 03:07:53 GMT 2004
On Wed, 2004-06-16 at 20:36, Wong Onn Chee wrote:
> Hi,
>
> Recently, I encountered the following problem
>
> 1) I joined some Windows machines (includes NT, 2k and XP Pro
> workstations) into a Samba (3.0.4) domain with LDAP backend (OpenLDAP
> 2.1.23)
> 2) Few days later, they suddenly couldn't login to domain.
> 3) After rejoining the domain, login works fine.
>
> An investigation of the LDAP entries before and after the rejoining
> brought an interesting discovery.
>
> Before the rejoining, the machine accounts have both sambaNTPassword and
> sambaLMPassword. However, after rejoining, they only have
> sambaNTPassword, without sambaLMPassword
I don't think the lack of the LMPassword is the issue - Samba never
reads that attribute for machine accounts.
Samba 3.0.4 just doesn't set the LMPassword for machines, on the machine
password change, or for 'long' machine passwords (XP pro machines seem
to create these) for the password set.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20040617/5eac47ed/attachment.bin
More information about the samba-technical
mailing list