Greetings list. I've been trolling the archives and google searches all morning and cannot seem to come up with an answer to this, though I'm not the first to experience the problem. I'm running samba on FreeBSD 5.2.1-p4, installed from the ports collection.
When a user other than root attempts to change an smb password (either through SWAT or with smbpasswd) I get the following error: (These users were originally created using SWAT, do show up in the smbpasswd file) smbpasswd Old SMB password: New SMB password: Retype new SMB password: machine 127.0.0.1 rejected the password change: Error was : RAP86: The specified password is invalid. Failed to change password for testuser >From the log.servername: [2004/06/16 11:49:17, 0] rpc_server/srv_pipe.c:api_pipe_auth_process(1307) api_pipe_auth_process: NTLMSSP check failed. [2004/06/16 11:49:17, 0] rpc_server/srv_pipe_hnd.c:process_request_pdu(586) process_request_pdu: failed to do auth processing. [2004/06/16 11:49:17, 1] smbd/chgpasswd.c:check_oem_password(822) LM password change supplied for user testuser, but we have no LanMan password to check it with If I remove "lanman auth = No: from the smb.conf file I get this instead: [2004/06/16 11:47:33, 0] rpc_server/srv_pipe.c:api_pipe_auth_process(1307) api_pipe_auth_process: NTLMSSP check failed. [2004/06/16 11:47:33, 0] rpc_server/srv_pipe_hnd.c:process_request_pdu(586) process_request_pdu: failed to do auth processing. On the client side, when attempting to change password using ctl-alt-delete the user will see an error stating that they do not have permission to change their password. I've included my smb.conf file as an attachment, any pointers in the right direction would be very greatly appreciated. Thanks! Sean. <<smb_conf.txt>>
# Samba config file created using SWAT # from 192.168.0.1 (192.168.0.1) # Date: 2004/06/01 11:42:58 # Global parameters [global] workgroup = DOMAIN server string = Samba %v on %L passdb backend = tdbsam passwd program = /usr/bin/passwd %u passwd chat = *New\sPassword:* %n\n *Retype\snew\spassword:* %n\n *passwd:\sdone* unix password sync = Yes lanman auth = No log file = /var/log/samba/log.%m max log size = 50 min protocol = NT1 add user script = /usr/sbin/pw useradd %u -d /home/%u -c "Samba User Account" -s /bin/bash -g staff delete user script = /usr/sbin/pw userdel %u add group script = /usr/sbin/pw groupadd %g delete group script = /usr/sbin/pw groupdel %g add machine script = /usr/sbin/pw useradd %u -d /dev/null -c "Samba Machine Account" -s /sbin/nologon -g machines logon script = logon.bat logon path = \\%L\Profiles\%U logon drive = H: domain logons = Yes os level = 65 lm announce = No preferred master = Yes domain master = Yes dns proxy = No invalid users = bin, deamon, sys, man, toor, operator, tty, kmem, games, sshd, smmsp, mailnull, bind, uucp, xten, pop, www admin users = @wheel hide unreadable = Yes veto files = /.AppleDB/.AppleDouble/Network Trash Folder/*DS_Store/Temporary Items/TheVolumeSettingsFolder/.snap/.AppleDesktop/ load printers = yes printing = cups printcap = cups [homes] comment = Home Directories read only = No browseable = No [netlogon] comment = Network Logon Service path = /usr/local/samba/netlogon guest ok = Yes share modes = No [Profiles] path = /usr/local/samba/profiles read only = No create mask = 0700 directory mask = 0700 guest ok = Yes browseable = No [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = yes public = yes printer admin = @wheel writable = no [print$] comment = Printer Drivers path = /usr/local/samba/pdrivers browseable = yes guest ok = no read only = yes write list = root [shared] comment = Shared access folder path = /usr/home/share read only = No create mask = 0777 directory mask = 0777 [archive] comment = Archive is not backed up path = /usr/var/spool/archive read only = No create mask = 0777 directory mask = 0777 [HPLaserjet5] comment = LaserJet 5simx path = /var/spool/samba printable = Yes public = yes printer admin = @wheel writable = no
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba