Gaiseric Vandal
2008-Jan-10 16:27 UTC
[Samba] password sync "Failed to open/create TDB passwd"
I am trying to enable unix password sync. PDC is solaris 3.026a on Solaris 9. my smb.conf file includes: [global] workgroup = MYDOMAIN server string = myserver passdb backend = tdbsam passwd program = /usr/bin/passwd %u passwd chat=*New\sPassword:\s%n\nRe-enter\snew\sPassword:\s%n\npasswd:\s password\ssuccessfully\schanged*\n unix password sync = Yes passwd chat debug = yes passwd chat timeout = 10 dos charset = UTF8 unix charset = UTF8 display charset = UTF8 Samba was compiled to /usr/local/samba-3.0.26a # ls -l /usr/local/samba-3.0.26a/private/passdb.tdb -rw------- 1 root sysadmin 49152 Jan 10 08:05 /usr/local/samba-3.0.26a/private/passdb.tdb Assuming password sync is disabled, password or account changes with smbpasswd, pdbedit, User Manager for Domains work fine. If I enable password sync, I can't change passwords as a user at a PC, or as an administrator with User Manager for Domains. (I also can't use User Manager for Domains to change things like "password never expires." The samba log file of the Windows server with UsrMgr shows the following: [2008/01/10 10:50:14, 5] lib/username.c:Get_Pwnam_internals(108) Get_Pwnam_internals did find user [jsmith] ... [2008/01/10 10:50:14, 2] lib/util_tdb.c:tdb_log(662) tdb(unnamed): tdb_open_ex: could not open file /usr/local/samba-3.0.26a/privat e/passdb.tdb: Permission denied [2008/01/10 10:50:14, 0] passdb/pdb_tdb.c:tdbsam_open(829) tdbsam_open: Failed to open/create TDB passwd [/usr/local/samba-3.0.26a/privat e/passdb.tdb] The passdb file does exist- and samba is running as root. I have a separate unix/windows account for the Domain Admin.
Gaiseric Vandal
2008-Jan-12 12:33 UTC
[Samba] password sync "Failed to open/create TDB passwd"
Does this mean I should be changing the locale? Is this a samba or an OS setting? Or should I just wait for the next version of Samba to fix this. Thanks On 1/10/08, Andriashyk Yuri <sysadmin@uosk.ua> wrote:> samba 2.026a-2.8 bug. > Will set temporally english locale. > > > Gaiseric Vandal ?????: > > I am trying to enable unix password sync. PDC is solaris 3.026a on Solaris 9. > > > > my smb.conf file includes: > > > > [global] > > workgroup = MYDOMAIN > > server string = myserver > > passdb backend = tdbsam > > > > passwd program = /usr/bin/passwd %u > > passwd chat=*New\sPassword:\s%n\nRe-enter\snew\sPassword:\s%n\npasswd:\s > > password\ssuccessfully\schanged*\n > > > > unix password sync = Yes > > passwd chat debug = yes > > passwd chat timeout = 10 > > > > dos charset = UTF8 > > unix charset = UTF8 > > display charset = UTF8 > > > > > > > > Samba was compiled to /usr/local/samba-3.0.26a > > > > # ls -l /usr/local/samba-3.0.26a/private/passdb.tdb > > -rw------- 1 root sysadmin 49152 Jan 10 08:05 > > /usr/local/samba-3.0.26a/private/passdb.tdb > > > > > > Assuming password sync is disabled, password or account changes with > > smbpasswd, pdbedit, User Manager for Domains work fine. If I enable > > password sync, I can't change passwords as a user at a PC, or as an > > administrator with User Manager for Domains. (I also can't use User > > Manager for Domains to change things like "password never expires." > > > > The samba log file of the Windows server with UsrMgr shows the following: > > > > [2008/01/10 10:50:14, 5] lib/username.c:Get_Pwnam_internals(108) > > > > Get_Pwnam_internals did find user [jsmith] > > ... > > [2008/01/10 10:50:14, 2] lib/util_tdb.c:tdb_log(662) > > > > tdb(unnamed): tdb_open_ex: could not open file /usr/local/samba-3.0.26a/privat > > e/passdb.tdb: Permission denied > > > > [2008/01/10 10:50:14, 0] passdb/pdb_tdb.c:tdbsam_open(829) > > > > tdbsam_open: Failed to open/create TDB passwd [/usr/local/samba-3.0.26a/privat > > e/passdb.tdb] > > > > > > > > > > The passdb file does exist- and samba is running as root. I have a > > separate unix/windows account for the Domain Admin. >
Helmut Hullen
2008-Jan-12 13:33 UTC
[Samba] password sync "Failed to open/create TDB passwd"
Hallo, Gaiseric, Du (gaiseric.vandal) meintest am 12.01.08:>>> tdb(unnamed): tdb_open_ex: could not open file >>> /usr/local/samba-3.0.26a/privat passdb.tdb: Permission denied>>> The passdb file does exist- and samba is running as root. I have >>> a separate unix/windows account for the Domain Admin.> Does this mean I should be changing the locale? Is this a samba or > an OS setting?Which rights has the directory, which rights has the file? Viele Gruesse! Helmut
Gaiseric Vandal
2008-Jan-14 16:23 UTC
[Samba] password sync "Failed to open/create TDB passwd"
I have now tried the following - Upgraded from samba 3.026a to 3.028 - Rebuilt "--with-pam" and added "pam password change = yes" (some posts indicated this helped) - Added a "root" samba account and a member of Domain Admins (to see if it was related to unix level file permissions.) - Moved the test user unix account out of nis and into the local /etc/passwd. - tried variations on the chat script. # passwd chat = New %n\n new %n\n *changed* \n passwd chat =*New* %n\n *new* %n\n *changed* \n Nothing has helped. The log files do show: [2008/01/14 09:15:17, 0] smbd/chgpasswd.c:chat_with_program(440) chat_with_program: Error: dochild() returned 0 Several of the posts on google referred to password sync working under Samba 3.024 but then breaking when upgrading to Samab 3.027. I have set the log level to 100 to try to catch any syntax error in the chat script. Currently my smb.conf file includes: [global] workgroup = MYDOMAIN server string = mypdc passdb backend = tdbsam log file = /var/log/samba/%m.log max log size = 50 domain logons = Yes preferred master = Yes domain master = Yes dns proxy = No wins support = Yes ldap ssl = no cups options = raw passwd program = /usr/bin/passwd %u # passwd program = /usr/bin/passwd -r nis %u # passwd chat = *New*Password* %n\n *new*Password* %n\n *changed* # passwd chat = *New*Password* %n\n *Re-enter*new*Password* %n\n *changed* # passwd chat=*New\sPassword:\s%n\nRe-enter\snew\sPassword:\s%n\npasswd:\spassword\ssuccessfully\schanged*\n # passwd chat = New %n\n new %n\n *changed* \n passwd chat =*New* %n\n *new* %n\n *changed* \n unix password sync = Yes passwd chat debug = yes passwd chat timeout = 10 log level = 100 pam password change = yes dos charset = UTF8 unix charset = UTF8 display charset = UTF8 File perms include # ls -l /usr/local/samba/private/passdb.tdb -rw-rw---- 1 root sysadmin 49152 Jan 14 08:56 passdb.tdb # ls -ld /usr/local/samba/var/locks drwxrwxr-x 5 root sysadmin 1024 Jan 14 11:20 /usr/local/samba/var/locks # ls -ld /usr/local/samba/var/locks/* total 972 -rw------- 1 root root 8192 Jan 14 11:02 account_policy.tdb -rw-r--r-- 1 root root 49152 Jan 14 10:41 brlock.tdb -rw-r--r-- 1 root sysadmin 1440 Jan 14 11:20 browse.dat Thanks On 12 Jan 2008 13:43:00 +0100, Helmut Hullen <Hullen@t-online.de> wrote:> Hallo, Gaiseric, > > Du (gaiseric.vandal) meintest am 12.01.08: > > > >>> tdb(unnamed): tdb_open_ex: could not open file > >>> /usr/local/samba-3.0.26a/privat passdb.tdb: Permission denied > > >>> The passdb file does exist- and samba is running as root. I have > >>> a separate unix/windows account for the Domain Admin. > > > > Does this mean I should be changing the locale? Is this a samba or > > an OS setting? > > > Which rights has the directory, which rights has the file? > > Viele Gruesse! > Helmut > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba >