Hi,
I see my machine password change in secrets.tdb. I am not sure who
initiated it.
But can this happen automatically after "7 days" as mentioned in
following link
initiated by someone else (PDC), other than smbd/winbindd?
http://www.windowsnetworking.com/nt/registry/rtips295.shtml
I am confused who changed it, but it got changed after 7 days. Can PDC
ask smbd/winbindd to change this? Or it is initiated by smbd/winbindd?
But I see logs from winbindd that initiated the change after 7 days, but got
permission denied. Will the "denied message" cause the change to be
persistent
in secrets.tdb? I am unsure of this, too:
2010 Jun 14 18:34:00 xyz winbindd[31473]: [2010/06/14 18:34:00.040611,
0] rpc_client/cli_netlogon.c:563(rpccli_netlogon_set_trust_password)
2010 Jun 14 18:34:00 xyz winbindd[31473]:
rpccli_netr_ServerPasswordSet2 failed: NT_STATUS_ACCESS_DENIED
Here is krb5.conf:
# cat /etc/krb5.conf
[libdefaults]
default_realm = XYZ.COM
[realms]
XYZ.COM = {
kdc = xyz_ad
admin_server = xyz_ad
kpasswd_server = xyz_ad
default_domain = XYZ.COM
}
[domain_realm]
.kerberos.server = XYZ.COM
[logging]
default = SYSLOG:NOTICE:DAEMON
kdc = FILE:/var/log/kdc.log
kadmind = FILE:/var/log/kadmind.log
[appdefaults]
pam = {
ticket_lifetime = 3d
renew_lifetime = 7d
forwardable = true
proxiable = false
retain_after_close = false
minimum_uid = 0
debug = false
}
Thanks,
Rajesh
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
