Hi all, Sorry if this has been answered before, but I've searched Google and the archives and it hasn't revealed an answer to my problem. Basically I'm trying to get unix password sync to work so that users can change both their logon and other services (POP3 etc) passwords from within Windows. but the problem is that if I enable unix password sync, it fails with the error of: [user@mail user]$ smbpasswd Old SMB password: New SMB password: Retype new SMB password: machine 127.0.0.1 rejected the password change: Error was : RAP86: The specified password is invalid. Failed to change password for user So basically because it won't even work via smbpasswd from the machine as the unprivileged user, then changing from Windows won't (and doesn't) work either. But of course, if I turn off unix password sync, password changes by the users on the command line with smbpasswd work fine and they do from Windows as well. I have tried a variety of versions of Samba from earlier 2.2.x series, to the latest 2.2.8a version and the latest 3.0.x versions as well. So it doesn't appear to be a bug in any specific version of Samba causing the problem. I'm running Samba on a Fedora Core 1 machine, but I've also tested unix password sync on another machine with Red Hat 7.3 on it and it fails on that one also if unix password sync is on. What else needs to be done to get this to work properly? TIA. / Ben
On Tue, 24 Feb 2004, Ben Jensz wrote:> Hi all, > > Sorry if this has been answered before, but I've searched Google and the > archives and it hasn't revealed an answer to my problem. > > Basically I'm trying to get unix password sync to work so that users can > change both their logon and other services (POP3 etc) passwords from > within Windows. but the problem is that if I enable unix password sync, > it fails with the error of: > > [user@mail user]$ smbpasswd > Old SMB password: > New SMB password: > Retype new SMB password: > machine 127.0.0.1 rejected the password change: Error was : RAP86: The > specified password is invalid. > Failed to change password for user > > So basically because it won't even work via smbpasswd from the machine > as the unprivileged user, then changing from Windows won't (and doesn't) > work either. But of course, if I turn off unix password sync, password > changes by the users on the command line with smbpasswd work fine and > they do from Windows as well. > > I have tried a variety of versions of Samba from earlier 2.2.x series, > to the latest 2.2.8a version and the latest 3.0.x versions as well. So > it doesn't appear to be a bug in any specific version of Samba causing > the problem. I'm running Samba on a Fedora Core 1 machine, but I've > also tested unix password sync on another machine with Red Hat 7.3 on it > and it fails on that one also if unix password sync is on. > > What else needs to be done to get this to work properly?What is in your smb.conf file for: interfaces ?? Do you have: bind interfaces only = Yes ?? What entries to you have for: hosts allow hosts deny ?? Do you have a firewall on this machine? - John T. -- John H Terpstra Email: jht@samba.org
Greetings Try, as root "smbpasswd -e username" where username is the non-root user having this problem. I was having this problem too. I don't know the details, but try it out and let the list know the results please. References; http://www.linuxquestions.org/questions/archive/14/2003/06/4/62307 http://lists.samba.org/archive/samba/2003-January/059012.html http://www.spinics.net/lists/samba/msg07918.html http://www.google.com/search?hl=en&lr=&ie=UTF-8&oe=UTF-8&c2coff=1&q=RAP86&btnG=Google+Search Ben Jensz wrote:> Hi all, > > Sorry if this has been answered before, but I've searched Google and the > archives and it hasn't revealed an answer to my problem. > > Basically I'm trying to get unix password sync to work so that users can > change both their logon and other services (POP3 etc) passwords from > within Windows. but the problem is that if I enable unix password sync, > it fails with the error of: > > [user@mail user]$ smbpasswd > Old SMB password: > New SMB password: > Retype new SMB password: > machine 127.0.0.1 rejected the password change: Error was : RAP86: The > specified password is invalid. > Failed to change password for user > > So basically because it won't even work via smbpasswd from the machine > as the unprivileged user, then changing from Windows won't (and doesn't) > work either. But of course, if I turn off unix password sync, password > changes by the users on the command line with smbpasswd work fine and > they do from Windows as well. > > I have tried a variety of versions of Samba from earlier 2.2.x series, > to the latest 2.2.8a version and the latest 3.0.x versions as well. So > it doesn't appear to be a bug in any specific version of Samba causing > the problem. I'm running Samba on a Fedora Core 1 machine, but I've > also tested unix password sync on another machine with Red Hat 7.3 on it > and it fails on that one also if unix password sync is on. > > What else needs to be done to get this to work properly? > > TIA. > > > / Ben > > >-- # Jesse Molina # Mail = jesse@opendreams.net # Page = page-jesse@opendreams.net # Cell = 1.407.970.0280 # Web = http://www.opendreams.net/jesse/
Nope, but according to the docs anyway, when doing a unix password sync, Samba as root calls the passwd command. So in terms of root operating the passwd command, it won't obey password charateristic restrictions anyway as root changing passwords overrides that anyway (at least on the Linux system I'm using it on). Thanks for the suggestion though :) John Terpstra double checked my configuration off-list and he could also reproduce the problem and suggested I file a bug report (which I've done). Cheers, Ben J?rn Nettingsmeier wrote:> a guess: did you configure any password restrictions such as a minimum > length? if so, does the password you are trying to set adhere to those > restrictions? > > just a shot in the dark, > > j?rn >
Quoting "Ben Jensz"> So basically because it won't even work via smbpasswd from the > machine > as the unprivileged user, then changing from Windows won't (and > doesn't) > work either.I'm running SuSE 9.0 samab-2.2.8a, and the default settings for "passwd program" are NOT correct. I had to add "%u" to: passwd program = /usr/bin/passwd %u According to my smb.conf.5.html... "Note that if the unix password sync parameter is set to yes then this program is called AS ROOT before the SMB password in the smbpasswd(5) file is changed. If this UNIX password change fails, then smbd will fail to change the SMB password also (this is by design)." This is the reason you need to add "%u". HTH