Hi, I have a samba PDC with openldap, it works well but I have a
problem. When the user change the password from Windows XP I see the
following error on the log file:
init_group_from_ldap: Entry found for group: 1101
[2007/10/17 14:23:22, 2] passdb/pdb_ldap.c:init_group_from_ldap(2140)
init_group_from_ldap: Entry found for group: 1101
[2007/10/17 14:23:22, 0] libsmb/smbencrypt.c:decode_pw_buffer(520)
decode_pw_buffer: incorrect password length (-855035467).
[2007/10/17 14:23:22, 0] libsmb/smbencrypt.c:decode_pw_buffer(521)
decode_pw_buffer: check that 'encrypt passwords = yes'
Obviuosly in the smb.conf I have "encrypt passwords = yes" or I have
not
any 'encrypt passwords = yes' ...
The windows xp client receive a password length error and the account
become locked..
here my smb.conf
[global]
workgroup = MYDOMAIN
server string = %h
interfaces = eth0, lo
bind interfaces only = Yes
passdb backend = ldapsam:ldap://127.0.0.1/
passwd chat = *New*password* %n\n *Retype*new*password:* %n\n
username map = /etc/samba/smbusers
enable privileges = yes
unix password sync = Yes
log level = 2
log file = /var/log/samba/%I.log
max log size = 10000
name resolve order = wins lmhosts hosts bcast
time server = Yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
ldap admin dn = cn=admin,dc=mydomain,dc=com
ldap ssl = off
ldap passwd sync = Yes
ldap suffix = dc=mydomain,dc=com
ldap machine suffix = ou=Machines
ldap user suffix = ou=People
ldap group suffix = ou=Group
ldap idmap suffix = ou=People
encrypt passwords = yes
add user script = /usr/sbin/smbldap-useradd -m "%u"
passwd program = /usr/sbin/smbldap-passwd "%u"
template shell = /bin/false
#add user script = /usr/sbin/smbldap-useradd -a -m "`echo
"%u" |
tr '[:upper:]' '[:lower:]'`"
ldap delete dn = yes
delete user script = /usr/sbin/smbldap-userdel %u
delete user from group script = /usr/sbin/smbldap-groupmod -x "%
u" "%g"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u"
"%
g"
add machine script = /usr/sbin/smbldap-useradd -w "%m"
set primary group script = /usr/sbin/smbldap-usermod -g "%g"
"%
u"
logon script = %G.bat
logon path =
logon drive = O:
domain logons = Yes
os level = 64
preferred master = Yes
domain master = Yes
dns proxy = No
wins support = Yes
recycle:repository = .recycle/%U
recycle:version = True
recycle:touch = False
recycle:keeptree = True
recycle:exclude = *.tmp *.temp *.TMP *.TEMP ~$*
recycle:maxsize = 0
case sensitive = No
hide unreadable = Yes
vfs object = recycle
veto oplock files = /*.doc/*.xls/*.mdb/*.DOC/*.XLS/
--
Email.it, the professional e-mail, gratis per te: http://www.email.it/f
Sponsor:
In REGALO un GIOCO! Scegli GPBikes 3D,Bubble Boom, Rock City Empire
Clicca qui: http://adv.email.it/cgi-bin/foclick.cgi?mid=6732&d=17-10
