samba - Aug 2003 - change password on w2k workstation

Hi!!

I'm not able to change a user password on a workstation and with
smbpasswd when I'm log.

ex:
[usertest@pc070 usertest]$ smbpasswd
Old SMB password:
New SMB password:
Retype new SMB password:
machine 127.0.0.1 rejected the password change: Error was : RAP86: The
specified password is invalid.
Failed to change password for usertest

so when I'm root, that's work

The log message for this case is:
[2003/08/26 11:59:11, 0] auth/pampass.c:smb_pam_chauthtok(692)
  PAM: UNKNOWN PAM ERROR (19) for User: usertest
[2003/08/26 11:59:11, 0] auth/pampass.c:smb_pam_passchange(848)
  smb_pam_passchange: PAM: Password Change Failed for user usertest!

When I'm on a w2k workstation, the log say:
[2003/08/26 12:04:53, 0] auth/pampass.c:smb_pam_chauthtok(692)
  PAM: UNKNOWN PAM ERROR (19) for User: usertest
[2003/08/26 12:04:53, 0] auth/pampass.c:smb_pam_passchange(848)
  smb_pam_passchange: PAM: Password Change Failed for user usertest!

My smb.conf is
 passdb backend = ldapsam:ldap://192.168.53.58, guest
        passwd program = /usr/bin/smbpasswd %u
        passwd chat = *New*UNIX*password* %n\n
*ReType*new*UNIX*password* %n\n
*passwd:*all*authentication*tokens*updated*successfully*
        unix password sync = Yes
        encrypt passwords = Yes
        passwd chat debug = Yes
        logon script = netlogon.bat
        logon path = \\srv-image\profiles\%u
        logon drive = X:
        logon home = \\srv-image\%u
        domain logons = Yes
        os level = 65
        preferred master = Yes
        domain master = Yes
        dns proxy = No
        ldap suffix = dc=mydomain,dc=com
        ldap machine suffix = ou=machines
        ldap user suffix = ou=People
        ldap group suffix = ou=Groups
        ldap admin dn = cn=manager,dc=mydomain,dc=com
        ldap delete dn = Yes
        ldap trust ids = Yes
        ldap ssl = no
        ldap passwd sync = Yes
        admin users = Administrator root
        hosts allow = 192.168.53.0/255.255.255.0 127.0.0.1

my slapd.conf
index           cn,sn,uid,displayName           pres,sub,eq
index           uidNumber,gidNumber             eq
index           sambaSID                        eq
index           sambaPrimaryGroupSID            eq
index           sambaDomainName                 eq
index           objectClass                     eq
index           default                         sub

access to dn=".*dc=unigiciel,dc=com"
        by self write
        by *    read
access to dn=".*dc=unigiciel,dc=com"
        attrs=userPassword,sambaLMPassword,sambaNTPassword
        by dn="cn=manager,dc=unigiciel,dc=com" write
        by self write
        by anonymous auth
        by * read

my /etc/ldap.conf
ssl no
port    389
rootbinddn      cn=manager,dc=mydomain,dc=com
pam_filter objectclass=posixAccount
pam_login_attribute uid

My samba version samba-3.0.0beta3-1

my pam login 
auth       required     /lib/security/pam_securetty.so
auth       required     /lib/security/pam_nologin.so
auth       sufficient   /lib/security/pam_ldap.so
auth       required     /lib/security/pam_unix_auth.so try_first_pass
account    sufficient   /lib/security/pam_ldap.so
account    required     /lib/security/pam_unix_acct.so
password   required     /lib/security/pam_cracklib.so
password   required     /lib/security/pam_ldap.so
password   required     /lib/security/pam_pwdb.so use_first_pass
session    sufficient   /lib/security/pam_ldap.so
session    required     /lib/security/pam_unix_session.so
session    optional     /lib/security/pam_console.so



Someone can help me??

Hallo Daniel,

mabe you should use Yast to change it.
1.)Remember thta you can not use all
letters for the Password for example do not use the Letters
???,./&%$?"! and
so on.
2.)Look at     man passwd for more info.
And the next point is that the User must exist.
3.)Did you configured this User as root?
I hope so.

mfg Markus