similar to: samba(3.6.4), with LDAP backend and sambapasswordhistory issue

I am trying to turn on password history using an ldap backend. I can see the sambaPasswordHistory entry set to all "0"s in Ldap. I tried to turn on password history with pdbedit -P "password history" -C 3 and get back that it was set: [root]# pdbedit -P "password history" account policy value for password history is 3 However, when I try to reset a user password

Hello all, I've some problem with my new Samba / Ldap PDC : I cannot join the Domain from Windows (XP) computers Okay, all configuration seem to be okay on the serveur, I can create Users,Computers for samba (and unix) I put here some config file, if someone can help me, I'm on since 5 days, it's my first PDC so I use the tutorial from Idealx (smbldap-howto) getent passwd give me

Hello! SuSE Linux 10.0 Samba 3.0.20b OpenLDAP backend IDEALX scripts v0.9.2 Windows XP SP2 client Everything seems to be working except when changing your password from the Windows client (CTRL-ALT-DEL and "Change password"). When I try to change the password I get the following error message. "The User name or old password is incorrect. Letters in passwords must be typed

I'm running the samba-client-3.0.20-0.1 SUSE RPM. I was using the version that came with 9.3 but upgraded to see if this specific problem would go away. Guest access does not appear to be working correctly, and it looks like the problem is due to guest not getting mapped into the LDAP query correctly. Specifically, I can login with local account, join workstation to the domain, browse

I think I've found a bug in the LDAP stuff. I've got a LDAP backend setup based on the idealx scripts. When I try to join a machine to my domain, I get the following. The important bit I want to point out is that the LDAP search is looking for (a lot of) properties, but it seems to be looking for _ALL_ objectClass=sambaSamAccount's. At this point in the trace, it should be trying to

Hi, we are using Samba4 since the first stable release, and we are fully satisfied. Our configuration is 2 DCs on opensuse13, samba 4.1.16 + bind, full sync (ad/gpo/netlogon), ~1k users, ~700 computers. We migrated to samba4 from the classic samba3/ldap backend without any big issue. We have the possibility to reset the password to the default one using a web form. On samba3/ldap we used the

Hey List, I'm using Samba 3.0.24 and OpenLDAP 2.3.30 (with the ppolicy and smbk5pwd overlays). While testing Samba as a PDC with an OpenLDAP backend, I've hit a snag on password change. I currently have the following in my smb.conf related to password changes: passwd program = /usr/bin/ldappasswd -x -W -S -D uid=%u,ou=Users,dc=example,dc=com passwd chat = "*Enter

List, I upgraded to 3.0.10 the other day, and completely missed the fact that the samba.schema for openldap had to be upgraded as well. I learnt that this was the case when passwords could no longer be changed... Searching the web revealed that the only thing to do was to "copy over samba.schema" and everything would be fine. So I backed up the previous copy of samba.schema, copied the

Hi everyone, I am trying to setup a PDC using Samba and OpenLDAP. For some reason, I've used both the examples provided in the Official Howto and also the smbldap-tools howto developed by IDEALX. I am able to get the directory up and running. I am able to get the following working: 1. LDAP Directory server and successful Queries through Samba 2. Add user and machine accounts. 3.

Thanks for that, it's pretty much our server-side web form to re-init passwords. The problem is that I need to store somewhere as plaintext the default password for each user, which is prompted to change at the 1st connexion. I turned on "--store-plaintext on" via samba-tool and read "supplementalCredentials", looked for "Store passwords using reversible

Hi, I have an ldap provider and consumer that appear to work correctly, EG, new users are sync'ed and a search on either server (ldapsearch -x -b 'dc=example,dc=com' '(cn=djohn)') returns an oject. However when an XP user attempt to connect to the consumer server the authentication fails: [2011/06/10 16:11:21, 0] lib/util_sock.c:write_data(1059) [2011/06/10 16:11:21, 0]

Is there a way that we can increment the samba bad password count, when a user fails a password on a linux system? I'm looking for ways to get both Windows and Linux to simultaneously lock out accounts if they fail so many times. We're using an LDAP backend.

Release Announcements ===================== Samba 3.6.4, 3.5.14 and 3.4.16 are security releases in order to address CVE-2012-1182. o CVE-2012-1182: Samba 3.0.x to 3.6.3 are affected by a vulnerability that allows remote code execution as the "root" user. Changes: -------- o Stefan Metzmacher <metze at samba.org> *BUG 8815: PIDL based autogenerated code allows

Release Announcements ===================== Samba 3.6.4, 3.5.14 and 3.4.16 are security releases in order to address CVE-2012-1182. o CVE-2012-1182: Samba 3.0.x to 3.6.3 are affected by a vulnerability that allows remote code execution as the "root" user. Changes: -------- o Stefan Metzmacher <metze at samba.org> *BUG 8815: PIDL based autogenerated code allows

Hi Harry, sadmin and tadmin are both admin logins. I was trying to domain join with both. sadmin is in ldap The olcdbindex.ldif gave this error SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0 modifying entry "olcDatabase={1}hdb,cn=config" ldap_modify: Other (e.g., implementation specific) error (80) additional

Hi people: I have a Debian etch stable with the latests updates. When I try to join a computer to the domain I create the machine on the ldap and its created with the following atributes: dn:cn=test$,ou=Machines,dc=domain,dc=org objectClass: top objectClass: inetOrgPerson objectClass: posixAccount uidNumber: 3123 uid: test$ cn: test$ sn: test$ gidNumber: 604 homeDirectory: /dev/null loginShell:

hi, i just do some tests with a fresh compiled samba 3.0.23a. trying to authenticate against PAM with pam_winbind gives: Aug 1 09:59:21 humevo36 pam_winbind[27853]: pam_winbind: pam_sm_authenticate (flags: 0x0000) Aug 1 09:59:23 humevo36 pam_winbind[27853]: Verify user `gasch' Aug 1 09:59:23 humevo36 pam_winbind[27853]: enabling cached login flag Aug 1 09:59:23 humevo36

Hi, i am transitioning from a samba3 to a samba4 installation and while at it i noticed that on samba4 every file access querys the LDAP (openldap) backend for uid/gid names. With samba3 on Debian/Squeeze i dont see this happening. My assumption was that nscd would cache away those querys which it doesnt on the samba4 wheeze installation. [2015/01/09 15:21:46.331508, 3]

Hi people: I have a LDAP server running OpenLDAP that serves authentication purposes to services like ftp, imap, openvpn, etc. Now I implemented a Samba PDC based on LDAP. I did the configuration with Samba 3.2.5 on Debian Etch and smbldap-tools. I was able to join a WinXP workstation to my domain without problems but I can't login with any existing user in my LDAP directory. Then I added my

Hi all! We are using 1 Samba PDC and 2 bdc (Version 3.0.15pre3-SVN-build-UNKNOWN-PS-SuSE) with openldap2-2.2.6-37.38 on SLES 9. New users setup ok and first logon password change works. Because of HIPAA we need the passwords to change every 30 days however this isn't happening. I thought that I had this working once upon a time while I was testing and getting ready for production but