search for: sambalmpassword

I have a Samba-PDC installation (version is 3.6.3) with openLDAP. When I change the password from a client (Windows/XP and Windows/7) the attribute "sambaNTPassword" is changed and I can log-in with the new pssword. The problem is that the content of the attribute "sambaLMPassword" is deleted. I remember that in my previous version of Samba (3.0.28) both attributes were updated. Is this correct ? Where is used the attribute "sambaLMPassword" ? Thanks Michelangelo

...u=Managers,o=stars dn: uid=lacoste,ou=Users,ou=Accounts,o=stars changetype: modify replace: userPassword userPassword:: e1NTSEF9UFZSZk1zcTNoRlFuYWhGMzRWN1BZWE5BU3U0MHNVTWo= - replace: sambaPwdMustChange sambaPwdMustChange: 1218542837 - replace: sambaPwdLastSet sambaPwdLastSet: 1187006837 - replace: sambaLMPassword sambaLMPassword: 8d16f4badd1da493aad3b435b51404ee - replace: sambaNTPassword sambaNTPassword: b39a61f16a4e11fa80580241f1d4aae8 - replace: pwdChangedTime pwdChangedTime: 20070813120717Z - replace: entryCSN entryCSN: 20070813120717Z#000000#00#000000 - replace: modifiersName modifiersName: cn=sambamgr...

Hi, what are the minimum permissions for the attributes sambaLMPassword/sambaNTPassword for the the LDAP administrator account so that Samba is just enabled to use it for authentication with ldapsam backend. It seems like auth is not enough, is this true?! Thanks, Arokux

...b_ldap.c:ldapsam_modify_entry(1651) ldapsam_modify_entry: LDAP Password could not be changed for user 10000001S: Constraint violation Failed to update password ==> /var/log/dirsrv/slapd-pruebas/audit <== time: 20100628122637 dn: uid=10000001s,XXXXXXXXXXXXX changetype: modify delete: sambaLMPassword sambaLMPassword: 0182BD0BD4444BF836077A718CCDF409 - add: sambaLMPassword sambaLMPassword: 39EAD569B79C7EA2C2265B23734E0DAC - delete: sambaNTPassword sambaNTPassword: 259745CB123A52AA2E693AAACCA2DB52 - add: sambaNTPassword sambaNTPassword: 8EC60ADEA316D957D1CF532C5841758D - delete: sambaPwdLastSet s...

...m from a php-gui, an as i see it, userPassword can have any form if the cryptation algorithm is stated before the hash, like "{md5}blahblah32bit". In the docs, it states that sambaNTPassword is a md4 hash, wich should be calculatable (haven't done it yet though). And last for the sambaLMPassword: I can't find any documentation about how it's caclulated, In some testcases i found online, it just have the same value as sambaNTPassword, but for some reason they differ in my configuration... I'm wondering in general about the sambaLMPassword attribute, is it only for OS/2 issue...

Hi, i have samba 3.0.10 + ldap backend I create users with ldiff file. I just want to know if the field *sambaLMPassword <schema.php?server_id=0&view=attributes&viewvalue=sambaLMPassword> *is no more use Can someone confirm it ? thanks

Hi I have upgraded or old samba PDC (debian lenny) to samba (debian wheezy). We use openldapto authenticate ,our linux and windows users. Now I see that if I create a new user the smbpasswd (in a script) does not create the sambaLMPassword attribute anymore. Do we still need it. I have read some info about it but its not clear if its still needed or not Thankyou for any help

...he log file and the machine 127.0.0.1 rejected the password change: Error was : RAP86: The specified password is invalid. Failed to change password for luser2 Jul 25 22:44:53 sambaserver1 smbd[18878]: ldapsam_update_sam_account: failed to modify user with uid = luser2, error: modify/delete: sambaLMPassword: no such value (Success) Jul 25 22:44:53 sambaserver1 smbd[18878]: [2005/07/25 22:44:53, 0] libsmb/smbencrypt.c:decode_pw_buffer(539) Jul 25 22:44:53 sambaserver1 smbd[18878]:...

...327 op=2 SRCH attr=uid uidNumber gidNumber homeDirectory sambaPwdLastSet sambaPwdCanChange sambaPwdMustChange sambaLogonTime sambaLogoffTime sambaKickoffTime cn displayName sambaHomeDrive sambaHomePath sambaLogonScript sambaProfilePath description sambaUserWorkstations sambaSID sambaPrimaryGroupSID sambaLMPassword sambaNTPassword sambaDomainName objectClass sambaAcctFlags sambaMungedDial sambaBadPasswordCount sambaBadPasswordTime sambaPasswordHistory modifyTimestamp sambaLogonHours modifyTimestamp conn=327 op=2 SEARCH RESULT tag=101 err=0 nentries=1 text= # #conn=328 is made via nss_ldap # conn=328 fd=27 A...

...erent domain) : UNSUCESSFULL Mar 15 17:10:53 hurricane slapd[27056]: conn=29489 op=1 MOD dn="uid=pwreka,ou=people,ou=purwakarta,dc=indorama,dc=com" Mar 15 17:10:53 hurricane slapd[27056]: conn=29489 op=1 MOD attr=sambaPwdCanChange sambaPwdCanChange sambaPwdMustChange samb aPwdMustChange sambaLMPassword sambaNTPassword sambaPwdLastSet sambaPwdLastSet Mar 15 17:10:53 hurricane slapd[27056]: Entry (uid=pwreka,ou=people,ou=purwakarta,dc=indorama,dc=com), attribute 'sambaLMPas sword' cannot have multiple values Mar 15 17:10:53 hurricane slapd[27056]: entry failed schema check: attribute 's...

...ldap.c:smbldap_open(820) smbldap_open: already connected to the LDAP server [2003/12/18 18:33:32, 1] passdb/pdb_ldap.c:ldapsam_modify_entry(1173) ldapsam_modify_entry: Failed to modify user dn= uid=jchomarat3,ou=People,dc=ph onambule-tv,dc=com with: Type or value exists modify/add: sambaLMPassword: value #0 already exists [2003/12/18 18:33:32, 0] passdb/pdb_ldap.c:ldapsam_update_sam_account(1366) ldapsam_update_sam_account: failed to modify user with uid = jchomarat3, error : modify/add: sambaLMPassword: value #0 already exists (Success) [2003/12/18 18:33:32, 3] smbd/sec_ctx.c:pop_sec_...

...bsmb/smbencrypt.c:decode_pw_buffer(540) decode_pw_buffer: check that 'encrypt passwords = yes' -- cut here -- And a dialog from Windows that says: "The User name or old password is incorrect. Letters in passwords must be typed using the correct case." The SambaNTPassword and SambaLMPassword entries change, but the userPassword entry does not. I'm using the ldap passwd sync = Yes option in my smb.conf since the LDAP server is used for Linux authentication as well as Samba authentication. However, if I use the smbldap-passwd utility everything works like a charm. Both the SambaL...

...fy: User [AEI]\[pgienger] from machine RADON failed authentication on named pipe samr. [2005/08/19 15:02:38, 1] passdb/pdb_ldap.c:ldapsam_modify_entry(1495) ldapsam_modify_entry: Failed to modify user dn= uid=pgienger,ou=People,dc=ae-solutions,dc=com with: No such attribute modify/delete: sambaLMPassword: no such value [2005/08/19 15:02:38, 0] passdb/pdb_ldap.c:ldapsam_update_sam_account(1720) ldapsam_update_sam_account: failed to modify user with uid = pgienger, error: modify/delete: sambaLMPassword: no such value (Success) [2005/08/19 15:02:40, 1] passdb/pdb_ldap.c:ldapsam_modify_entry(1495)...

...has been changed. That's not true! NT and LM passwords are changed but unixPassword isn't. Look at this openldap.log lines: Feb 12 07:50:28 apolo slapd[22826]: conn=698021 op=40 MOD dn="uid=teste,ou=Users,dc=domain" Feb 12 07:50:28 apolo slapd[22826]: conn=698021 op=40 MOD attr=sambaLMPassword sambaLMPassword sambaNTPassword sambaNTPassword sambaPwdLastSet sambaPwdLastSet See? My smb.conf have this ldap related options: passdb backend = ldapsam:ldap://apolo.domain idmap backend = ldapsam:ldap://apolo.domain ldap suffix = dc=domain ldap admin dn = cn=root,dc=domain ldap ssl = start_tls...

Samba experts, I am using Samba 3.0.8 on an AIX 5.1 system with ldap authentication. I have ldap working so that users can authenticate in their samba account via ldap. However, I am trying to figure out the best method for allowing users to change their ldap samba account password. What is the best method to allow end users to change their LM/NT passwords for Samba via LDAP? Should

...g for a "New SMB password:" I've secured the attributes like so: access to dn.subtree="ou=People,dc=hvcc,dc=edu" attrs=userPassword by self write by dn="cn=root,dc=hvcc,dc=edu" write by * auth access to dn.subtree="ou=People,dc=hvcc,dc=edu" attrs=sambaLMPassword,sambaNTPassword by dn="cn=root,dc=hvcc,dc=edu" write by * none Per the docs, but the problem is a -D10 shows: smbldap_get_single_attribute: [sambaUserWorkstations] = [<does not exist>] smbldap_get_single_attribute: [sambaMungedDial] = [<does not exist>] smbldap_get_singl...

Hallo, I have to transfer samba passwords from an LDAP installation to a non- LDAP installation, passwddb is smbpasswd. LDAP shows "sambaLMPassword" and "sambaNTPassword"; smbpasswd needs 2 password entries. Can I copy the above LDAP passwords? If yes: what is what? Viele Gruesse! Helmut

...is what i've observed so far: * if i set in smb.conf, "ldap passwd sync = Only": when a user try to modify his password with smbpasswd, then despite the message success of the operation, one can see that the userPassword field of this user in the ldap server wasn't modified (the sambaLMPassword and sambaNTPassword wasn't modified neither but that's consistent with the man page). In fact wireshark didn't show any trace of a LDAP Password Modify extended operation sent to the ldap server * If i set in smb.conf, "ldap passwd sync = Yes": everything works. Wireshark sh...

Hey list, Right now I have Samba+LDAP working (like a charm acctually) I just have one issue. Right now Samba is authenticating the user against the sambaLMPassword and/or the sambaNTPassword attributes. I would rather it authenticated against the userPassword attribute like my unix boxes and mail servers do. Is samba capable of doing this? Otherwise I have to maintain two seperate passwords for each user. Thanks Regards, Daniel

...reet: Rechbergstr. 4 - 6 postalCode: 87727 registeredAddress: Babenhausen loginShell: /usr/uti/bash uidNumber: 2015 gidNumber: 52 homeDirectory: /node/test/ds gecos: Daniel Spannbauer,bab,27 sambaAcctFlags: [U ] sambaHomeDrive: H: sambaKickoffTime: 2147483647 sambaPwdMustChange: 2147483647 sambaLMPassword: 590C5C5A8C08D6692CC208E556B42461 sambaNTPassword: 5B43D9E033AF01F1AC8AAA97751AE14E Each time I try to login on the xp-machine both, sambaLMPassword and sambaNTPassword are deleted from the ldaptree. I increased the loglevel, but can't find anything that gives me a hint. Any clues how to f...