Hi!
I'm new in this list and i'm quite new to samba.
I'm trying to configure samba as a PDC for a Windows XP network.
Samba version: 3.2.5 on Debian Lenny 5.0.4
The domain works, as well profiles. The problem is the "unix password
sync" options.
My values are:
|unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n
*Enter* new*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *passwd:
*all* authentication*tokens*updated*successfully*|
When i try to change the password from the windows client using an
account of the domain
(Ctrl+Alt+Canc and then Change password) I get the following message:
You do not have permission to change your password.
I noticed that when I try to change a password on the server (as root)
#smbpasswd <account-name>
It changes the samba password only, but not the linux one.
If I login the server as a user of the domain and I try:
$smbpasswd
I put the old password, then the new and I get the following:
"SAMR connection to machine NT_STATUS_ACCESS_DENIED failed. Error was
127.0.0.1, but LANMAN password changed are disabled.
Failed to change password for <user-name>"
I googled a lot and I found lot of people asking about problems like
this but no solutions.
Anyway I hope someone can help me with this :-)
What I tryied:
1) I'm Italian, so I tried to change the passwd chat, but didn't work.
2) I've set
lanman auth = yes
client lanman auth = yes
and then when I try (as a domain user)
$smbpasswd
I get a different error: "machine 127.0.0.1 rejected the password
change: Error was : RAP86: The specified password is invalid.
Password changed for user <user-name>"
But the password don't change!
I hope someone can give me some hint to solve the problem :-)
Thank you!
Alessandro Grandi
On Fri, May 14, 2010 at 3:46 PM, Alessandro Grandi <alle_sandro at libero.it> wrote:> If I login the server as a user of the domain and I try: > $smbpasswd > I put the old password, then the new and I get the following: > "SAMR connection to machine NT_STATUS_ACCESS_DENIED failed. Error was > 127.0.0.1, but LANMAN password changed are disabled. > Failed to change password for <user-name>"This is bug #2128 - https://bugzilla.samba.org/show_bug.cgi?id=2128 Originally reported for version 3.0.8 and still broken in 3.5.2. Makes it impossible to test unix password sync without a Windows box. You probably have to edit your password chat. Visually examine what happens when you change the unix password and edit the chat to match. Chris --
>On Fri, May 14, 2010 at 3:46 PM, Alessandro Grandi wrote: > > If I login the server as a user of the domain and I try: > > $smbpasswd > > I put the old password, then the new and I get the following: > > "SAMR connection to machine NT_STATUS_ACCESS_DENIED failed. Error was > > 127.0.0.1, but LANMAN password changed are disabled. > > Failed to change password for <user-name>"> This is bug #2128 - https://bugzilla.samba.org/show_bug.cgi?id=2128> Originally reported for version 3.0.8 and still broken in 3.5.2. Makes > it impossible to test unix password sync without a Windows box. > > You probably have to edit your password chat. Visually examine what > happens when you change the unix password and edit the chat to match.I tryied to edit my "passwd chat" but it still don't work. This is my output when I change the user password (as root): #passwd silvia Immettere nuova password UNIX: Reimmettere la nuova password UNIX: passwd: password aggiornata correttamente So my passwd chat is: passwd chat = *Immettere*nuova*password*UNIX:*%n*\n* *Reimmettere*la*nuova*password*UNIX:*%n*\n* *passwd:*password*aggiornata*correttamente* but it still don't work. I tried also some different values for passwd chat (even something like: passwd chat = *nuova*password*%n*\n* *nuova*password*%n*\n* *password*) but no way... Maybe there is something I've not understood in the passwd chat sintax? I don't know... I'd like to setup this feature but it's not a critical one (I don't think I'll setup LDAP just for this). Thank you everyone is spending time to answer me! (I appreciate it so much :-) Alessandro