Tim-Ole Alexander Golz schrieb:
Hi, all there,
first of all I like to introduce me cause this is my first post on this list: I
am a networkadmin from Germany, struggling with Apple, Linux and Windows for a
couple of years now ...
I have occassionally worked with samba as a domain controller for three or four years now, but with systems windows 2000 / windows 2003 server / windows XP clients.
I have successfully installed some samba-servers working as PDC, even with LDAP
as smbpasswd-Backend.
my question is a bit off-topic, but I found no useful help on the web:
on our current project, I have installed a samba PDC with LDAP on Debian Lenny 5.0.4.
there seems to be a bug in phldapadmin (the one shipping with Debian Lenny), because the
smb-password is not longer hashed. when setting a new domainuser via phpldapadmin with
the "Samba 3 account"-scheme, I can not log in to the domain.
I have to do a "smbpasswd user" to get it work.
when I use "smbldap-useradd user && smbldap-passwd user" everything is working
fine.
I tried this on three different installations (with Debian Lenny 5.0.3 through
5.0.4), always the same problem.
I have installed the mkntpwd-Tool (as in former installations), but it is not longer needed and I cant even choose it in the phpldapadmin/config-File because there is no longer such a file ... :-(
I have installed all the perl-crypt-modules, tried it with different settings
in the smb.conf:
unix password sync = yes
ldap password sync = yes
but nothing helped.
anyone else who has the same problem? any hints or maybe the solution?
thany a lot in advance!
tim-ole golz
I think I have seen the same bug. I've upgraded to phpldapadmin from
testing (1.2.0.5), and I think the LM and NT hashes are still buggy.
I've found that if you edit a userPassword entry, the password gets
copied to the LM and NT Password fields, but probably after it is
encrypted. So the hash comes out wrong.
If I enter a password into the SambaNTPassword field, it works, and
the user can log in with that password. Try it and compare the LM and NT
hashes with those created with smbldap-passwd.
Oliver Freyd
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba