I was able to get the password to change by chaning the passwd program to passwd program = /var/lib/samba/sbin/smbldap-passwd.pl
But now when the users change their passwords it gives them an error that the old password is incorrect but still changes it. Any thoughts
Joe Werle Paul Gienger wrote:
What version of samba are you running? There was a 'bug' related to changing passwords failing after the clients downloaded a certain update from windowsupdate. I believe the fix was in 3.0.4???
Joseph E. Werle wrote:
Ok I have searched the archives and have tried several different options but cant seem to get this to work. When users try and change their password from windows they get an error saying they do not have permission to change their password. any help wourld be appreciated.
I am running Samba3 with an ldap backend.
Here is my smb.conf file: [global]
workgroup = HGW
netbios name = LUCIFER
server string = Lucifer PDC
interfaces = eth0, lo
security = user
bind interfaces only = YES
encrypt passwords = yes
unix password sync = yes
pam password change = yes
passwd program = /usr/bin/passwd %u
ldap password change = yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*
passdb backend = ldapsam:ldap://127.0.0.1
username map = /etc/samba/smbusers
log level = 1
syslog = 0
log file = /var/log/samba/%m
max log size = 50
smb ports = 139 445
name resolve order = wins bcast hosts
time server = yes
printcap name = CUPS
show add printer wizard = no
add user script = /var/lib/samba/sbin/smbldap-useradd.pl -a -m '%u'
delete user script = /var/lib/samba/sbin/smbldap-userdel.pl %u
add group script = /var/lib/samba/sbin/smbldap-groupadd.pl -p '%g'
delete user script = /var/lib/samba/sbin/smbldap-groupdel.pl '%g'
add user to group script = /var/lib/samba/sbin/smbldap-groupmod.pl -m '%u' '%g'
delete user from group script = /var/lib/samba/sbin/smbldap-groupmod.pl -x '%u' '%g'
set primary group script = /var/lib/samba/sbin/smbldap-usermod.pl -g '%g' '%u'
add machine script = /var/lib/samba/sbin/smbldap-useradd.pl -w '%u'
logon home = \\%L\%U
logon script = %U.bat
logon path = \\%L\profiles\%U
logon drive = U:
domain logons = Yes
preferred master = Yes
wins support = Yes
ldap suffix = dc=hosgonewhack, dc=com
ldap machine suffix = ou=People
ldap user suffix = ou=People
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Idmap
sample entry from ldap: dn: uid=jwerle, ou=People, dc=hosgonewhack,dc=com sambaPrimaryGroupSID: <EDIT> sambaLMPassword: <EDIT> displayName: System User sambaLogonScript: jwerle.cmd objectClass: top objectClass: inetOrgPerson objectClass: posixAccount objectClass: sambaSamAccount userPassword:: <EDIT> sambaLogonTime: 0 sambaHomeDrive: U: uid: jwerle uidNumber: 1000 cn: jwerle sambaLogoffTime: 2147483647 sambaPwdLastSet: 1090989705 sambaAcctFlags: [U] loginShell: /bin/bash sambaProfilePath: \\LUCIFER\profiles\jwerle gidNumber: 512 sambaPwdMustChange: 1094877705 sambaPwdCanChange: 0 sambaNTPassword: <EDIT> gecos: System User sambaSID: <EDIT> description: System User homeDirectory: /home/jwerle sambaKickoffTime: 0 sn: jwerle sambaHomePath: \\LUCIFER\homes
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba