[Fedora-directory-users] samba CTRL ALT DEL password sync problem

Roger Spencer rspencer at auspicecorp.com
Thu Mar 29 17:20:19 UTC 2007 

Trying changing: 

ldap passwd sync = no 
unix password sync = Yes 

Works for me. 

----- Original Message ----- 
From: "Stephane ARMANET" <stephane.armanet at ch-st-julien.fr> 
To: Fedora-directory-users at redhat.com 
Sent: Thursday, March 29, 2007 11:57:22 AM (GMT-0500) America/New_York 
Subject: [Fedora-directory-users] samba CTRL ALT DEL password sync problem 



Hello List 

I try to configure samba workig with FDS. 


It's look OK I can connect but when user try to change his password using CTRL + ALT + DEL from 
windows, after typing the passwords it returns: 
"current password or user's name is incorrect...." The samba-pasword is change but not the userPassword attribute 


The logs of samba tells: 

[2007/03/19 12:28:51, 0] passdb/pdb_ldap.c:ldapsam_modify_entry(1574) 
ldapsam_modify_entry: LDAP Password could not be changed for user user1: Confidentiality required 
Operation requires a secure connection. 

[2007/03/19 12:28:51, 0] passdb/pdb_ldap.c:ldapsam_update_sam_account(1720) 
ldapsam_update_sam_account: failed to modify user with uid = user1, error: Operation requires a secure connection. 
(Success) 
[2007/03/19 12:28:51, 0] libsmb/smbencrypt.c:decode_pw_buffer(539) 
decode_pw_buffer: incorrect password length (-1886846999). 
[2007/03/19 12:28:51, 0] libsmb/smbencrypt.c:decode_pw_buffer(540) 
decode_pw_buffer: check that 'encrypt passwords = yes' 


My smb.conf: 
[global] 


workgroup = TEST2DOM 
netbios name = SERVADM 
os level = 65 
domain logons = yes 
domain master = yes 
local master = yes 
security = user 
encrypt passwords = true 
pam password change = no 

####### CONFIG LDAP ################ 

add machine script = /usr/sbin/smbldap-useradd -w -d /dev/null -g 515 -c 'Machine Account' -s /bin/false %u 
add user script = /usr/sbin/smbldap-useradd -a -m '%u' 
delete user script = /usr/sbin/smbldap-userdel -r '%u' 
add group script = /usr/sbin/smbldap-groupadd '%g' 
delete group script = /usr/sbin/smbldap-groupdel '%g' 
add user to group script = /usr/sbin/smbldap-groupmod -m '%u' '%g' 
delete user from group script = /usr/sbin/smbldap-groupmod -x '%u' '%g' 
set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u' 

# Connexion LDAP 
passdb backend = ldapsam:ldap://ds.ch-st-julien.intra 
ldap admin dn = uid=admin,dc=ch-st-julien,dc=fr 
ldap suffix = dc=ch-st-julien,dc=fr 
ldap user suffix = ou=People 
ldap group suffix = ou=Groups 
ldap machine suffix = ou=Computers 

passwd chat debug = Yes 

ldap passwd sync = yes 

unix password sync = no 
passwd program = /usr/bin/smbldap-passwd -u %U 
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\spassword:* %n\n . 


###### Gestion des ACL ####### 
nt acl support = yes 

# gestion heritage 
inherit acls = yes 



Is anyone has ever meet this problem ??? 

Thank's -- 

ARMANET Stephane 


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20070329/9326e680/attachment.htm>

More information about the Fedora-directory-users mailing list