Edmundo Valle Neto wrote:
Alan Goodman escreveu:
Edmundo Valle Neto wrote:
Alan Goodman escreveu:
I have implemented samba with LDAP backend, domain logins and
roaming profiles and everything is great - except for one thing.
Noone can change their passwords from windows - trying to change
your password results in windows telling you your not allowed to do
that!
I did smbldap-show alan and among other information the line:
sambaPwdCanChange: 0 appeared.
From my understanding if I do smbldap-usermod -A0 -B0 alan that
line should then be changed to have a value of 1 allowing users to
change passwords from their windows logins, however running the
above command does not appear to be changing these values at all
and thus im left with manually smbldap-passwd user to change each
persons passwords (which does work)
If someone could let me know which logs you require and how to
obtain them I would be happy to post them up here.
OS = CentOS 5.1
Alan
Post your smb.conf.
Edmundo Valle Neto
http://pastebin.com/f5fba0114
Alan
netbios name = MARANATHACENTRA
Netbios names can have a maximum of 12 characters, it will probably be
truncated. (but this isnt related to your problem)
You only need password options if you want that unix passwords stay in
sync.
Then, you only need "ldap passwd sync = Yes". Its commented out, you
already tried it? What happens?
These three options together works too.
unix password sync = Yes
passwd program = /usr/local/sbin/smbldap-passwd -u %u
passwd chat = "Changing password for*\nNew password*" %n\n "*Retype
new password*" %n\n"
Theres a double quote that isn't needed at the end (its not opening
nor closing any string), the old smbldap-tools documentation shows
that way (wrong), I dont have sure if it is really a problem.
If it doesn't work as you said that it works at command line, include
a piece of log using level 3 when a client try to change its password.
Regards.
Edmundo Valle Neto
Besides that, the configuration is right.
"/usr/local/sbin/smbldap-passwd -u anyuser" works when executed from
the command line?
What samba version you use, you compile your own packages?
Here you go...
http://pastebin.com/f61c911dd - logs
In answer to your questions...
Yeah that command works as root on the CLI
Samba version is 3.0.25b-1.el5_1.4
No I used the RPM's
OpenLDAP version...
slapd -V
@(#) $OpenLDAP: slapd 2.3.27 (Nov 10 2007 09:24:08) $
[EMAIL PROTECTED]:/builddir/build/BUILD/openldap-2.3.27/openldap-2.3.27/build-servers/servers/slapd
Many thanks for your help. It is much appreciated.
Alan
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
