I've searched the archives for an answer to this
problem, and yet nothing that works seems to have
been posted. I've seen it posted many times
In my particular case, I'm running
Samba 2.0.6 on Solaris 2.5.1, configured with the
--with-smbwrapper, --with-automount, and
--with-syslog options. I also have samba set up
as a PDC, and that seems to be working fine. A
stripped down version of my smb.conf file is included
below.
My client machines are W95 OSR2, and am using the
encrypetd passwords. I'm having the same problems
that others are: Ordinary users cannot change
their smb passwords. When trying to change the password
through the control panel, it gives an "invalid
password" message. Fine, the user should just log
into the unix server and use smbpasswd. What follows
is what echos to the screen:
% smbpasswd
added interface ip=<deleted> bcast=<deleted> nmask=255.255.255.0
Old SMB password:
New SMB password:
Retype new SMB password:
machine 127.0.0.1 rejected the password change: Error was : The specified
password is invalid.
Failed to change password for <user>
Here's what my log.smb says (log level = 2):
[2000/03/21 14:08:36, 2] smbd/server.c:main(735)
Changed root to /
[2000/03/21 14:08:36, 2] lib/access.c:check_access(258)
Allowed connection from localhost (127.0.0.1)
[2000/03/21 14:08:36, 2] smbd/reply.c:reply_special(97)
netbios connect: name1=127.0.0.1 name2=<Machine Name>
[2000/03/21 14:08:37, 2] lib/access.c:check_access(258)
Allowed connection from localhost (127.0.0.1)
[2000/03/21 14:08:37, 0] smbd/chgpasswd.c:check_oem_password(693)
check_oem_password: incorrect password length (-814585590).
[2000/03/21 14:08:37, 2] smbd/server.c:exit_server(408)
Closing connections
I've tried specifying the machine name with the -d option
(a recomendation culled from the archives). Doesn't work.
I've tried having the user include their own name on
the command line. Doesn't work. Sometimes, it will
give me the above mentioned error, then if I try smbpasswd
again, it tells me the password has been successfully
changed after entering the "Old SMB password" (in which the
user actually used their "New SMB password" as their
"Old SMB password"). When the user tries to log in,
neither password (old or new) allows then access.
The only way that the users smb password can
be changed is if root executes smbpasswd.
All complaints aside, I must be honest and say that
samba has been one of the two most useful pieces of
unix software I have ever used.
If you have any questions, please feel free to contact
me.
Thanks,
-Jim
*************************************************
Jim Kreuziger
UCI Autism Research Project
jkreuzig@uci.edu
*************************************************
[global]
workgroup = SIMPLE
server string = Samba %v on (%L)
security = user
domain logons = yes
encrypt passwords = Yes
password level = 3
log level = 2
name resolve order = wins hosts lmhosts bcast
deadtime = 30
keepalive = 120
client code page = 437
os level = 35
preferred master = Yes
domain master = Yes
wins support = Yes
guest account = samba
invalid users = root daemon bin sys lp smtp uucp nuucp listen dumper
nobody
[netlogon]
comment = The domain logon service
path = /projects/samba/logon
public = no
writeable = no
browseable = no
[users]
comment = New Users Test
path = /projects/samba/users
read only = No
[homes]
read only = No
browseable = No
[guest]
comment = Guest share
path = /projects/samba/guest
read only = No
guest ok = Yes
Hi all you Samba cracks (I hope) out there, I've a question... I use the following smb.conf but when I change the Win95 client to have user profiles, several folders and the user.dat file is created in the users home directory instead of the profile share... My questions are: 1. Does anyone know how to solve this? 2. Does anyone know how to copy the local usersettings to the specific network-profile so I won't have to install software all over again? I hope that someone can AND will help me... [global] workgroup = TRUCKLAND netbios name = SLOTERDIJK server string = Samba Server Sloterdijk min passwd length = 4 log file = /var/log/samba/log.%m max log size = 50 logon script = %U.bat logon path = \\sloterdijk\profile\%U domain logons = Yes os level = 34 preferred master = Yes domain master = Yes dns proxy = No create mask = 0660 force create mode = 0660 directory mask = 0770 force directory mode = 0770 [netlogon] path = /home/samba/scripts browseable = No [profile] comment = User profiles path = /home/samba/profiles read only = No create mask = 0600 force create mode = 0600 directory mask = 0700 force directory mode = 0700 browseable = No [homes] comment = Home Directories read only = No browseable = No [printers] comment = All Printers path = /var/spool/samba print ok = Yes browseable = No [verkoop] path = /data/verkoop valid users = brandenburg,@verkoop,@system,@financieel,@verkoop_zwaar force group = verkoop read only = No [financieel] path = /data/financieel valid users = @financieel, @directie, @system force group = financieel read only = No [directie] path = /data/directie valid users = @directie, @system force group = directie read only = No browseable = No [magazijn] path = /data/magazijn valid users = @magazijn, @system force group = magazijn read only = No [systeembeheer] path = /data/systeembeheer valid users = @system force group = system read only = No browseable = No [install] path = /install valid users = @system force group = system read only = No [documentation] path = /usr/doc valid users = @system, @webbuilders force group = system [website] path = /home/httpd/html valid users = @webbuilders force group = webbuilders read only = No [salaris] path = /data/salaris valid users = @salaris,@system force group = salaris read only = No [cdrom] path = /home/samba/pttdisk/cdrom valid users = @cdfoon read only = No [algemeen] path = /data/algemeen valid users = @algemeen,@system force group = algemeen read only = No browseable = No
I posted a source code hack in November which reverts 2.0.6's profile directory behavior back to that of 2.0.5a. You can look it up in the archives. Be aware that my source code hack will harm your ability to net use x /home. I've heard that Giulioo Orsero posted an smb.conf method that exploits dual win bugs to miraculously do the right thing both with profile and home directories. Once again, it's in the archives. Steve Litt At 01:45 AM 03/23/2000 +1100, Paul Rijke wrote:>Hi all you Samba cracks (I hope) out there, > >I've a question... I use the following smb.conf but when I change the Win95 >client to have user profiles, several folders and the user.dat file is >created in the users home directory instead of the profile share... > >My questions are: > >1. Does anyone know how to solve this? >2. Does anyone know how to copy the local usersettings to the specific >network-profile so I won't have to install software all over again? > >I hope that someone can AND will help me... > > >[global] > workgroup = TRUCKLAND > netbios name = SLOTERDIJK > server string = Samba Server Sloterdijk > min passwd length = 4 > log file = /var/log/samba/log.%m > max log size = 50 > logon script = %U.bat > logon path = \\sloterdijk\profile\%U > domain logons = Yes > os level = 34 > preferred master = Yes > domain master = Yes > dns proxy = No > create mask = 0660 > force create mode = 0660 > directory mask = 0770 > force directory mode = 0770 > >[netlogon] > path = /home/samba/scripts > browseable = No > >[profile] > comment = User profiles > path = /home/samba/profiles > read only = No > create mask = 0600 > force create mode = 0600 > directory mask = 0700 > force directory mode = 0700 > browseable = No > >[homes] > comment = Home Directories > read only = No > browseable = No > >[printers] > comment = All Printers > path = /var/spool/samba > print ok = Yes > browseable = No > >[verkoop] > path = /data/verkoop > valid users = brandenburg,@verkoop,@system,@financieel,@verkoop_zwaar > force group = verkoop > read only = No > >[financieel] > path = /data/financieel > valid users = @financieel, @directie, @system > force group = financieel > read only = No > >[directie] > path = /data/directie > valid users = @directie, @system > force group = directie > read only = No > browseable = No > >[magazijn] > path = /data/magazijn > valid users = @magazijn, @system > force group = magazijn > read only = No > >[systeembeheer] > path = /data/systeembeheer > valid users = @system > force group = system > read only = No > browseable = No > >[install] > path = /install > valid users = @system > force group = system > read only = No > >[documentation] > path = /usr/doc > valid users = @system, @webbuilders > force group = system > >[website] > path = /home/httpd/html > valid users = @webbuilders > force group = webbuilders > read only = No > >[salaris] > path = /data/salaris > valid users = @salaris,@system > force group = salaris > read only = No > >[cdrom] > path = /home/samba/pttdisk/cdrom > valid users = @cdfoon > read only = No > >[algemeen] > path = /data/algemeen > valid users = @algemeen,@system > force group = algemeen > read only = No > browseable = No > >