thr3ads.net - samba - [Samba] ldap users would like to change their own (smb)passwords [Dec 2002]

If this information is useful, please help other people find it:
Share via:

jan

2002-Dec-16 11:06 UTC

[Samba] ldap users would like to change their own (smb)passwords

Dear Samba list,


I am using samba with ldap. All works fine.
Now I want my users to change their own smbpasswd's.

That only works when :

domain admin groups = myusers
and
secrets.tdb is set to 660

beside this smb.conf must at least be readable by the myusers_group.

Otherwise I get this :

/usr/local/samba-2.2.7/bin/smbpasswd -L -a bert

Failed to open /usr/local/samba-2.2.7/private/secrets.tdb
New SMB password:
Retype new SMB password:
LDAPS option set...!

fetch_ldap_pw: ldap secret is too long (1073817312 > 1023)!
ldap_connect_system: Failed to retrieve password for cn=master, ... from 
secrets.tdb

Is there no more secure and better way to let users change their own 
(smb)passwd in the ldap directory
(also to avoid that user x change user's y passwd) ??


regards,



Jan

Gerald (Jerry) Carter

2002-Dec-16 14:39 UTC

head link

[Samba] ldap users would like to change their own (smb)passwords

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, 16 Dec 2002, jan wrote:
> Dear Samba list,
> 
> 
> I am using samba with ldap. All works fine.
> Now I want my users to change their own smbpasswd's.
> 
> That only works when :
> 
> domain admin groups = myusers
> and
> secrets.tdb is set to 660
> 
> beside this smb.conf must at least be readable by the myusers_group.
I wouldn't do this if I were you.
> Otherwise I get this :
> 
> /usr/local/samba-2.2.7/bin/smbpasswd -L -a bert
non-root users should use

	smbpasswd -r <server> -U <user>

for changing their passwords.  This uses the SMB RAP password 
changing ops and requires that the user know the old password.




cheers, jerry
 ----------------------------------------------------------------------
 Hewlett-Packard            ------------------------- http://www.hp.com
 SAMBA Team                 ---------------------- http://www.samba.org
 GnuPG Key                  ---- http://www.plainjoe.org/gpg_public.asc
 ISBN 0-672-32269-2         "SAMS Teach Yourself Samba in 24 Hours"
2ed
 "You can never go home again, Oatman, but I guess you can shop
there."
                            --John Cusack - "Grosse Point Blank"
(1997)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/

iD8DBQE9/eS5IR7qMdg1EfYRAkQ3AKDZV0YYdICqfFij+22lQPkXj3DEkQCg0gil
e5c/i9SpkD6817N+Y6DHiv0=IMfQ
-----END PGP SIGNATURE-----

Reasonably Related Threads

Search for more apparently analagous threads

samba - Dec 2002 - ldap users would like to change their own (smb)passwords

[Samba] ldap users would like to change their own (smb)passwords

[Samba] ldap users would like to change their own (smb)passwords

Reasonably Related Threads