Hey guys,
I need some help here...
I have a PDC built with samba 3.0.10 using MySQL for the passdb backend
Everything works fine until I try to get my Unix and Samba password sync'd
For example if I run:
# smbpasswd -D 100 -U root -r cirion &> log
Without the unix password sync = yes enabled in the config file, the samba
password is changed, and the resulting log file shows:
000018 samr_io_r_chgpasswd_user
0018 status: NT_STATUS_OK
However, if I run the same command with unix password =yes enabled in the
config, I get an error:
machine cirion rejected the password change: Error was : RAP86: The specified
password is invalid.
Failed to modify password entry for user root
If I look deeper in the log file, I get:
000018 samr_io_r_chgpasswd_user
0018 status: NT_STATUS_ACCESS_DENIED
Is there any kind of "allow user password change = yes" anywhere or
any other
option that could be causing that?
Just for the heck of it, I've also included my smb.conf
----------------------------------------------------------------------
; /etc/samba/smb.conf
; Machine: Cirion
[global]
workgroup = SIGTERM
netbios name = Cirion
server string = Domain Controller [Cirion]
hosts allow = 192.168.100. 127.
security = user
encrypt passwords = yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
interfaces = lo eth0
bind interfaces only = yes
password level = 20
; MySQL
passdb backend = mysql:mysql
mysql:mysql host = localhost
mysql:mysql password = d1g1n3x1
mysql:mysql user = root
mysql:mysql database = samba
mysql:mysql port = 3306
mysql:plaintest pass column = plaintextpass;
; password sync
unix password sync = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password* %n\n *new*UNIX*password* %n\n *Password*
passwd chat debug = yes
; Automatically add trust accounts (doesn't work, so it's commented
out
; add user script = /usr/sbin/useradd -m -d /home/%u -s /bin/bash -g users
%u
local master = yes
os level = 65
domain master = yes
preferred master = yes
null passwords = no
hide unreadable = yes
hide dot files = yes
domain logons = yes
logon script = login.bat
logon path = \\%L\profiles\%U
logon drive = H:
logon home = \\%L\%U\.9xprofile
wins support = yes
name resolve order = wins lmhosts hosts bcast
dns proxy = no
time server = yes
log file = /var/log/samba/log.%m
max log size = 50
;smb passwd file = /etc/samba/private/smbpasswd
log level = 100
[netlogon]
path = /var/lib/samba/netlogon
public = no
writeable = no
browseable = no
[profiles]
path = /var/lib/samba/profiles
browseable = no
writeable = yes
default case = lower
preserve case = no
short preserve case = no
case sensitive = no
hide files = /desktop.ini/ntuser.ini/NTUSER.*/
write list = @users @root
create mode = 0600
directory mode = 0770
nt acl support = Yes
[homes]
comment = Home Directories
browseable = no
read only = no
create mode = 0750
path = /home/%U
valid users = %S
guest ok = no
[winstuff]
comment = Windows Stuff
path = /usr/local/site/windows
public = yes
writeable = no
browseable = yes
write list = @users
--
Martin Lefebvre
Unix Integration Consultant
SIGTerm Technologies
eMail: dadexter@gmail.com
