Moondance Foxmarnick
2005-Sep-12 15:57 UTC
[Samba] verify smbpasswd run as root when user changes?
Is smbpasswd run as root or local when an XP Pro domain client tries to change password? System Fedora Core 4/SeLinuxSecurity disabled SAMBA 3.0.20 PDC unix password sync=yes passwd backend smbpasswd Problem - Users logged into XP pro cannot change password Detail: When a user tries to change their password they get the error message: "You do not have permission to change your password". However - the Linux password is changed and the SAMBA password is not. logging in to Fedora as root and invoking passwd and smbpasswd for the user returns no errors su 'username' and repeating the process (with good password given) passwd - okay smbpasswd - "machine 127.0.0.1 rejected the password change: "Error was: RAP86: The specified password is invalid." The only difference if you use a bad password - passwd won't allow the change either. So my conclusion thus far is that passwd is being invoked as root but smbpasswd is being invoked as the logged in user and refuses the password change. However, I have no idea what to do now and I cannot set unix passwd sync = no (even though that "fixes" it) - Please help
Moondance Foxmarnick
2005-Sep-12 18:14 UTC
[Samba] verify smbpasswd run as root when user changes?
Okay - a) yes b) I set pam password change = yes and the problem went away. Why? How did the 'nix password change then? What was broken? Moondance Foxmarnick wrote:> Is smbpasswd run as root or local when an XP Pro domain client tries > to change password? > System Fedora Core 4/SeLinuxSecurity disabled > SAMBA 3.0.20 PDC unix password sync=yes passwd backend smbpasswd > Problem - Users logged into XP pro cannot change password > Detail: > When a user tries to change their password they get the error message: > "You do not have permission to change your password". However - the > Linux password is changed and the SAMBA password is not. > logging in to Fedora as root and invoking passwd and smbpasswd for the > user returns no errors > su 'username' and repeating the process (with good password given) > passwd - okay smbpasswd - "machine 127.0.0.1 rejected the password > change: "Error was: RAP86: The specified password is invalid." The > only difference if you use a bad password - passwd won't allow the > change either. > So my conclusion thus far is that passwd is being invoked as root but > smbpasswd is being invoked as the logged in user and refuses the > password change. > However, I have no idea what to do now and I cannot set unix passwd > sync = no (even though that "fixes" it) - Please help