I can't seem to figure this on out. I just recently put 1.9.18p4 on one of my DECs. The root user can change user smbpasswds without a hitch. Unfortunately, normal users get the following error: black#smbpasswd Old SMB password: New SMB password: Retype new SMB password: smbpasswd: machine 127.0.0.1 rejected the password change: Error was : The specified password is invalid. I read Todd Plaff's comment on the hosts allow 127.0.0.1 entry and followed suit. What exactly does that error mean? Also, with the smbpasswd -r functionality can I update another samba server's password database? Thanks! -Dan -- ---------------------------------------------------------------------- Daniel David Benson bensond@ucdavis.edu System Administrator http://wwwcsif.cs.ucdavis.edu/~bensond Social Science Data Service pgp - finger bensond@aion.ucdavis.edu University of California, Davis Linux User ----------------------------------------------------------------------
smbpasswd does not work for non root users in 1.9.18p10. I get the message: "smbpasswd: machine 127.0.0.1 rejected the session request. Error was : code 131" smbpasswd works fine under root permissions on the directory containing the smbpasswd file are dr-xr-S-- root system permissions on the smbpasswd file are -rw------- root staff Do I need to change permissions on the file or directory or something else? Regards, Dave Lawson Menasco Aerospace Oakville, Ontario (905) - 827-7777 ext. 398
I have a domain set up using Samba 2.0.7. However, none of the users can
login because of the smbpasswd file. Even after running the 'smbpasswd'
for each user when I added them to the system, it did not add them to
the file. So I just generated one, as described in ENCRYPTION.txt, from
a copy of the /etc/passwd file that had only the users I wanted added in
it. It generated one, but the passwords don't match and I have no idea
what the passwords are. I believe that I have the shadow passwords
option enabled on the Linux system. What can I do to get the users to
login? The only issue according to log.smb is that it is not finding the
password or the correct password in the smbpasswd file.
Thanks in advance,
Benjamen R. Meyer
Witness
In response to M$-Windows:
"A bug port! I knew it!"
- Skuld, "Oh My Goddess"
tony wrote:> Hi, > > Can someone tell me when exactly log files are generated? > I have been seeing username.log files under my /var/log/samba/. > I recognize all the usernames, but they are not even added as > samba users yet, so I want to know how and when these files > are generated. > > Thanks, > > Tony Nakamura > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/sambahave you check $ more /etc/samba/passwd $ more /etc/passwd those are you 2 that samba looks for. One more thing when you creat the user make sure that you always make the user name in lower case. Luis
I was trying to add a new user today to my suse linux 7.3 box. got the user added to linux box an also to samba, then go an try to setup password for the new user an it want let me run smbpasswd. says its not a command or filename. I'm running it as root. All was working fine a couple weeks ago when I had to add a new person. can anyone sugguest what maybe could be the problem. thanks jack malone
I was trying to add a new user today to my suse linux 7.3 box. got the user added to linux box an also to samba, then go an try to setup password for the new user an it want let me run smbpasswd. says its not a command or filename. I'm running it as root. All was working fine a couple weeks ago when I had to add a new person. can anyone sugguest what maybe could be the problem. thanks jack malone
What did locate turn up? When you did the reinstall what command did you give? What system are you running on? Are you installing from source or .deb .rpm .other? Thanks. On Wed, 2002-09-04 at 10:24, Jack Malone wrote:> Hello Thanks for the reply. > I tried both to ssh into the machine an then to log onto the machine from > the command prompt an it want run it either way. I have discovered that the > file is not in the system where it should be at > /usr/bin/smbpasswd - > > Not sure why its not there now. I tried to reinstall samba 2.2.4 but it > still want run. This machine is acting as a print server for my network > here at work an I need to add a new user so he can print. > > > > > At 10:11 AM 9/4/2002 -0500, you wrote: > >What is the command that you are giving at the command line. Did you do > >a locate on smbpasswd to see if it was still on the machine and what > >path it was under. Also if you are telnet/ssh into the machine sometimes > >it will not allow root to run commands without giving the path to the > >program that you would like to run. do a su - and see what that does. >
Dear all, Im now testing SAMBA under LDAP . I have a LDAP account anthony. I do not know how to use smbpasswd to change this LDAP account. ./smbpasswd -a anthony -s 12345678 I have the following mesasge : User anthony does not exist in system password file (usually /etc/passwd). Cannot add account without a valid local system user.Failed to modify password entry for user anthony Would anyone let me know how to refer my account in LDAP not in /etc/passwd ? Thanks. Anthony --------------------------------- Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software
> Im now testing SAMBA under LDAP . I have a LDAP account anthony. I do > not know how to use smbpasswd to change this LDAP account.You do not need smbpasswd anymore. When using LDAP, you can store the Samba-Password along with other data in the LDAP-DIrectory. Have a look at the howto concerning how to replace smbpasswd with an LDAP-directory and it will tell you what to do :-) Furthermore, have a look at the smbldap-tools you can find at www.idealx.org ... they will do things like changing passwords for you (as long as you do not yet use Samba3). Thilo
Am Montag, 28. Juli 2003 16:09 schrieb anthony ho:> Thanks. Which utility should be used to prepare the > mapping of samba password from LDAP password before > logging in win2k/98? > smbldap-passwd.pl or > smbldap-populate.plHmmm ... I wouldn't call it a mapping ;-) ... using smbldap-passwd.pl, both password-fields (the "normal" password and the smb-password) are set ... The script needs another script called mkntpwd ... should be part of your samba-installation ... Thilo
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, ~ I am doing a test install for Samba 3.0.0 with ldap sam backend, when I try to delete a user, I get this output # smbpasswd -x administrator ldapsam_delete_entry: Could not delete attributes for uid=administrator,ou=Users,dc=my-domain,dc=com, error: Object class violation (object class 'account' requires attribute 'uid') Failed to delete entry for user administrator. Failed to modify password entry for user administrator I am also unable to add any user other than administrator, if I try this # smbpasswd -D 255 -a user Trying to load: ldapsam:ldap://localhost/ Attempting to register passdb backend ldapsam Successfully added passdb backend 'ldapsam' Attempting to register passdb backend ldapsam_compat Successfully added passdb backend 'ldapsam_compat' Attempting to register passdb backend smbpasswd Successfully added passdb backend 'smbpasswd' Attempting to register passdb backend tdbsam Successfully added passdb backend 'tdbsam' Attempting to register passdb backend guest Successfully added passdb backend 'guest' Attempting to find an passdb backend to match ldapsam:ldap://localhost/ (ldapsam) Found pdb backend ldapsam Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=ADKILLER))] smbldap_search_suffix: searching for:[(&(objectClass=sambaDomain)(sambaDomainName=ADKILLER))] smbldap_open_connection: ldap://localhost/ smbldap_open_connection: connection opened ldap_connect_system: Binding to ldap server ldap://localhost/ as "cn=Manager,dc=my-domain,dc=com" ldap_connect_system: succesful connection to the LDAP server The LDAP server is succesful connected pdb backend ldapsam:ldap://localhost/ has a valid init Attempting to find an passdb backend to match guest (guest) Found pdb backend guest pdb backend guest has a valid init smbldap_search_suffix: searching for:[(&(uid=user)(objectclass=sambaSamAccount))] smbldap_open: already connected to the LDAP server ldapsam_getsampwnam: Unable to locate user [user] count=0 Finding user user Trying _Get_Pwnam(), username as lowercase is user Trying _Get_Pwnam(), username as uppercase is user Checking combinations of 0 uppercase letters in USER Get_Pwnam_internals didn't find user [user]! Failed initialise SAM_ACCOUNT for user user. Failed to modify password entry for user Any ideas ? - -- Taymour A El Erian System Division Manager CNA, MCSE, CCNA, LPIC T.E. Data E-mail: taymour.elerian@tedata.net Web: www.tedata.net Tel: +(202)-4166600 Ext: 1101 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE/l+AzX1dv4NHexooRAhZ2AKCnUDvInkdf4TYueS56srFoEYDpWwCffMpY Nta4QFVaXi4k+LzDrvD3u0g=3Y6x -----END PGP SIGNATURE-----
I am also unable to add any user other than administrator, if I try this>Get_Pwnam_internals didn't find user [user]! Failed initialiseSAM_ACCOUNT for user user. Failed to modify password entry for user Does your user exist en /etc/passwd or ldap with posix account attribute? Try pdbedit -a user to add your user. Jean-Marc
> # smbpasswd -x administrator > ldapsam_delete_entry: Could not delete attributes for > uid=administrator,ou=Users,dc=my-domain,dc=com, error: Object class > violation (object class 'account' requires attribute 'uid')J'ai le m?me probl?me, et je ne comprens pas pourquoi. Par contre, si tu souhaites supprimer compl?tement le compte (m?me le compte unix), ajoute la directive suivante au smb.conf, et 'pdbedit -x user' passe: ldap delete dn = Yes -- J?r?me
Fermin Molina
2003-Oct-23 16:52 UTC
[Samba] Machine accounts creation with pdbedit (Samba&LDAP)
Hi,
I get this error when I'm trying to create a machine acount with
pdbedit:
--------
# pdbedit -a -m -u machine
ldapsam_modify_entry: Failed to add user
dnuid=machine$,ou=Computers,dc=mydomain,dc=org with: Object class
violation
object class 'sambaSamAccount' requires attribute
'sambaSID'
ldapsam_add_sam_account: failed to modify/add user with uid = machine$
(dn = uid=machine$,ou=Computers,dc=mydomain,dc=org)
Unable to add machine! (does it already exist?)
--------
I've been searching information in all documentation available, but I
cannot find anything about how works the new LDAP schema and his
interaction with Samba.
Enabling debug in smb.conf (log level = 3 passdb:10 auth:10), I get:
--------
# pdbedit -a -m -u machine
Trying to load: ldapsam:ldap://localhost
Attempting to register passdb backend ldapsam
Successfully added passdb backend 'ldapsam'
Attempting to register passdb backend ldapsam_compat
Successfully added passdb backend 'ldapsam_compat'
Attempting to register passdb backend smbpasswd
Successfully added passdb backend 'smbpasswd'
Attempting to register passdb backend tdbsam
Successfully added passdb backend 'tdbsam'
Attempting to register passdb backend guest
Successfully added passdb backend 'guest'
Attempting to find an passdb backend to match ldapsam:ldap://localhost
(ldapsam)
Found pdb backend ldapsam
Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=MYDOMAIN))]
smbldap_search_suffix: searching
for:[(&(objectClass=sambaDomain)(sambaDomainName=MYDOMAIN))]
smbldap_open_connection: connection opened
ldap_connect_system: succesful connection to the LDAP server
pdb backend ldapsam:ldap://localhost has a valid init
Trying to load: guest
Attempting to find an passdb backend to match guest (guest)
Found pdb backend guest
pdb backend guest has a valid init
Trying to load: ldapsam:ldap://localhost
Attempting to find an passdb backend to match ldapsam:ldap://localhost
(ldapsam)
Found pdb backend ldapsam
Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=MYDOMAIN))]
smbldap_search_suffix: searching
for:[(&(objectClass=sambaDomain)(sambaDomainName=MYDOMAIN))]
smbldap_open_connection: connection opened
ldap_connect_system: succesful connection to the LDAP server
pdb backend ldapsam:ldap://localhost has a valid init
Trying to load: guest
Attempting to find an passdb backend to match guest (guest)
Found pdb backend guest
pdb backend guest has a valid init
pdb_set_username: setting username machine$, was
pdb_set_group_sid: setting group sid
S-1-5-21-3242272402-4231600687-3648858774-515
pdb_set_group_sid_from_rid:
setting group sid S-1-5-21-3242272402-4231600687-3648858774-515
from rid 515
smbldap_search_suffix: searching
for:[(&(&(uid=machine$)(objectclass=sambaSamAccount))(objectclass=sambaSamAccount))]
smbldap_search_suffix: searching
for:[(&(uid=machine$)(objectclass=sambaSamAccount))]
smbldap_search_suffix: searching
for:[(&(sambaSID=S-0-0)(|(objectClass=sambaIdmapEntry)(objectClass=sambaSidEntry)))]
ldapsam_add_sam_account: Adding new user
init_ldap_from_sam: Setting entry for user: machine$
ldapsam_modify_entry: Failed to add user
dnuid=machine$,ou=Computers,dc=mydomain,dc=org with: Object class
violation
object class 'sambaSamAccount' requires attribute
'sambaSID'
ldapsam_add_sam_account: failed to modify/add user with uid = machine$
(dn = uid=machine$,ou=Computers,dc=mydomain,dc=org)
Unable to add machine! (does it already exist?)
--------
I don't understand what is the process pdbedit (or samba) follows. And I
cannot find any clear related information about it. Even using the -U
option with a manually generated SID, I get the same error.
When I run LDAP and Samba for the first time, it appears an entry in
LDAP (but I don't put it into!):
--------
dn: sambaDomainName=MYDOMAIN,dc=mydomain,dc=org
sambaDomainName: MYDOMAIN
sambaSID: S-1-5-21-3242272402-4231600687-3648858774
sambaAlgorithmicRidBase: 1000
objectClass: sambaDomain
--------
What is the intended use of this entry? pdbedit gets the server base SID
from here? Then generates a new SID for the new account (user/machine)
that is about to create?
My LDAP configuration in smb.conf:
--------------
passdb backend = ldapsam:ldap://localhost, guest
idmap backend = ldapsam:ldap://localhost
ldap admin dn = cn=Manager,dc=mydomain,dc=org
ldap ssl = off
ldap suffix = dc=mydomain,dc=org
ldap user suffix = ou=People
ldap machine suffix = ou=Computers
ldap filter =
"(&(uid=%u)(objectclass=sambaSamAccount))"
ldap idmap suffix = ou=Idmap
idmap uid = 50000-60000
idmap gid = 50000-60000
--------------
Thanx,
Fermin