[Fedora-directory-users] Problems with synchronism between Fedora-DS and Samba

Agnaldo Freitas agnaldofreitas at hotmail.com
Fri Mar 9 13:49:41 UTC 2007


Hi List,

Since the second semester of 2006, I have been trying to configure Samba (PDC and BDC) + Fedora Directory Server.

Some information:
    OS: CentOS 4.3 x86_64
    Fedora-DS (LDAP) with Simple Bind
    Samba 3.0.10 (I'll upgrade it in the next CentOS version)
    password hash: Crypt (Linux, Fedora-DS and Samba)


Problems:

1 - [root at netuno1 ~]# passwd samuel

Changing password for user samuel.
Enter login(LDAP) password:               
New UNIX password:
Retype new UNIX password:
LDAP password information changed for samuel
passwd: all authentication tokens updated successfully.


Why does this line, "Enter login(LDAP) password:", appear if it is root that is changing samuel's password? It does not happen when the user is from /etc/passwd!


2 - Depending on the pam_password parameter (the wiki howto suggests exop), smbpasswd fails:

[root at netuno1 ~]# smbpasswd samuel
ldapsam_modify_entry: LDAP Password could not be changed for user samuel: 
Confidentiality required
        Operation requires a secure connection.
 ldapsam_update_sam_account: failed to modify user with uid = samuel, error: 
Operation requires a secure connection.
 (Success)
 Failed to modify entry for user samuel.
 Failed to modify password entry for user samuel
 

3 - When a user tries to change his password using CTRL + ALT + DEL from Windows, after typing the passwords:

        If ldap passwd sync = yes is set in /etc/samba/smb.conf, it returns the message: current password or user's name is incorrect; on the other hand, if unix password sync = yes (password chat ...) is set, it returns the message: you do not have permission to modify the password,
        and only the Samba password is changed (in both cases). I need userPassword for single sign-on because I use other services.

    Why does smbldap-passwd always run OK from the prompt and not from the password program parameter?!

I could see on the web that many people using OpenLDAP also have (had) the same problem.

I am desperate, because I have spent a long time without finding the solution to this problem.

Please help me!
What should I do?

Grateful for your attention, 

Agnaldo Freitas