roudoud0u@free.fr
2006-Nov-05 20:50 UTC
[Samba] unix password sync not working: "Error was : RAP86: The specified password is invalid"
Hi, we've have a NT domain with samba 3.0.7 on FreeBSD 5.3 and windows XP clients. We use NIS as the Unix backend for user authentication. The User home dir are setup on a other serveur and shared via NFS. Everything used to work fine but since few days the users are unable to change their password either via windows dialog box (the get the usual message "You don't have the permissions to change your password") or via smbpasswd after login onto the Samba PDC server where they get this error message "machine 127.0.0.1 rejected the password change: Error was : RAP86: The specified password is invalid. Failed to change password for <user>" I don't know if this is related, but when trying to change the password, samba logs shows that among others debug message "[2006/11/05 22:50:02, 3] smbd/chgpasswd.c:chat_with_program(347) [2006/11/05 22:50:02, 3] smbd/chgpasswd.c:chat_with_program(347) [2006/11/05 22:50:02, 3] smbd/chgpasswd.c:chat_with_program(347) chat_with_program: Cannot Allocate pty for password change: util chat_with_program: Cannot Allocate pty for password change: util chat_with_program: Cannot Allocate pty for password change: util " Setting "Unix password sync = No" permits to workaround the problem but it would be great if we could use the unix password sync functionnality again. I've also noticed than root is able to change the password of any user using smbclient. As far as i can remember, the only configuration change i've made is to change the unix uid of some NIS user and to migrate the server where are kept user home dir to a new one. Here is our minimalistic smb.conf. ===============================================smb.conf (result of `testparm -s`) ===============================================# Global parameters [global] workgroup = <domaine> passdb backend = tdbsam passwd program = /usr/bin/yppasswd %u passwd chat = *\n*ew\spassword* %n\n *ew\spassword* %n\n *Changed*\n password level = 6 unix password sync = Yes log file = /var/log/samba/log.%m logon drive = Z: domain logons = Yes domain master = Yes ldap ssl = no [homes] comment =User Home dir path = %H read only = No [hp-color] comment = HP printer path = /tmp guest ok = Yes printable = Yes printer name = hp-color [netlogon] path = /var/samba/netlogon guest ok = Yes browseable = No =============================================Thanks.