Hello,
I am running Samba 3.4.7 on Ubuntu 10.04 amd64. Due to legacy support, I am using a smbpasswd file (chmod 600) instead of the newer tdbsam database. It is also worth noting that this server also has LDAP authentication enabled (for SSH access). Clients access Samba from both Windows 7 and Windows XP. The smb.conf file is as follows: [global] workgroup = HOME printcap name = /etc/printcap load printers = no printing = lprng log file = /var/log/samba/%m.log max log size = 0 security = user encrypt passwords = true passdb backend = smbpasswd smb passwd file = /etc/samba/smbpasswd unix password sync = Yes passwd program = /usr/bin/passwd %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* pam password change = yes obey pam restrictions = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local master = no os level = 65 domain master = no preferred master = no name resolve order = wins bcast host lmhosts wins server = xxx.xxx.xxx.xxx dns proxy = no idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 template shell = /bin/false winbind use default domain = no [MyShare] path = /mnt/MyShare browseable = yes public = yes guest ok = yes writable = yes printable = no create mode = 0664 directory mode = 0775 veto oplock files = /*mgc*/ force create mode = 0660 force directory mode = 0660 Samba is not a PDC, however the Windows accounts on client machines have the same credentials as are stored in smbpasswd, so the share is automatically authenticated. I have observed that if a user is required to enter their password, e.g. their Windows password is not the same as in smbpasswd, then their password in smbpasswd gets reset. For example, before attempting to connect, user1's entry in smbpasswd looks like this (password hashes randomized in example below): user1:111: f0faf5d8955e92206354485d29a1b15e : e580c2260de48ababdd67d6ed063a641 :[UX ]:LCT-4E985F55: After the user attempts to connect, and enters the wrong credentials, user1:111: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX : e580c2260de48ababdd67d6ed063a641 :[UX ]:LCT-4E985F55: Thus if the user then tries a second time with the correct password, they are unable to login. If the correct password is supplied the first time, then no change is made to smbpasswd. Sometimes the password gets changed to XXXXX... even after a successful login. When this error occurs, nothing is logged in /var/log or /var/log/samba. An strace of the parent smbd process reveals only the following: gettimeofday({1335971419, 254991}, NULL) = 0 select(27, [6 24 25 26], [], NULL, {9999, 0}) = 1 (in [24], left {9993, 133747}) gettimeofday({1335971425, 122816}, NULL) = 0 accept(24, {sa_family=AF_INET, sin_port=htons(61726), sin_addr=inet_addr("192.168.1.20")}, [16]) = 28 clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x7f07d9ead9f0) = 4371 close(28) = 0 gettimeofday({1335971425, 133599}, NULL) = 0 Do you have any ideas on why the smbpasswd file is being changed, and how to correct this behavior so the smbpasswd file is not changed? Thanks, Andrew -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba