Hello List
I try to configure samba workig with FDS.
It's look OK I can connect but when user try to change his password
using CTRL + ALT + DEL from
windows, after typing the passwords it returns:
"current password or user's name is incorrect...."
The
samba-pasword is change but not the usePassword attribute
The logs of samba tells:
[2007/03/19 12:28:51, 0] passdb/pdb_ldap.c:ldapsam_modify_entry(1574)
ldapsam_modify_entry: LDAP Password could not be changed for user
user1: Confidentiality required
Operation requires a secure connection.
[2007/03/19 12:28:51, 0] passdb/pdb_ldap.c:ldapsam_update_sam_account(1720)
ldapsam_update_sam_account: failed to modify user with uid = user1,
error: Operation requires a secure connection.
(Success)
[2007/03/19 12:28:51, 0] libsmb/smbencrypt.c:decode_pw_buffer(539)
decode_pw_buffer: incorrect password length (-1886846999).
[2007/03/19 12:28:51, 0] libsmb/smbencrypt.c:decode_pw_buffer(540)
decode_pw_buffer: check that 'encrypt passwords = yes'
My smb.conf is in attachement
Is anyone has ever meet this problem ???
Thank's
-------------- next part --------------
[global]
workgroup = TEST2DOM
netbios name = SERVADM
os level = 65
domain logons = yes
domain master = yes
local master = yes
security = user
encrypt passwords = true
pam password change = no
####### CONFIG LDAP ################
add machine script = /usr/sbin/smbldap-useradd -w -d /dev/null -g 515
-c 'Machine Account' -s /bin/false %u
add user script = /usr/sbin/smbldap-useradd -a -m '%u'
delete user script = /usr/sbin/smbldap-userdel -r '%u'
add group script = /usr/sbin/smbldap-groupadd '%g'
delete group script = /usr/sbin/smbldap-groupdel '%g'
add user to group script = /usr/sbin/smbldap-groupmod -m '%u'
'%g'
delete user from group script = /usr/sbin/smbldap-groupmod -x '%u'
'%g'
set primary group script = /usr/sbin/smbldap-usermod -g '%g'
'%u'
# Connexion LDAP
passdb backend = ldapsam:ldap://ds.ch-st-julien.intra
ldap admin dn = uid=admin,dc=ch-st-julien,dc=fr
ldap suffix = dc=ch-st-julien,dc=fr
ldap user suffix = ou=People
ldap group suffix = ou=Groups
ldap machine suffix = ou=Computers
passwd chat debug = Yes
ldap passwd sync = yes
unix password sync = no
passwd program = /usr/bin/smbldap-passwd -u %U
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\spassword:* %n\n .
###### Gestion des ACL #######
nt acl support = yes
# gestion heritage
inherit acls = yes