RE: [Samba] What exactly IS the winbind daemon?
A related question: If you are not using winbind you wouldn't be using idmap (identity mapping) either. Correct? I have a Samba PDC w/ LDAP backend that serves few windows computers. I also have Linux clients that authenticate using LDAP. All user accounts are both windows (sambaSAMAccount) and unix accounts (posix, shadow Accounts). So users can login to windows or linux. Do I need to use LDAP idmap? Let's say I add another samba server to PDC domain that also **allows** unix logins using LDAP authentication. Do I have to run winbind on this domain samba member? (my guess: No) Let's say I add another samba server to PDC domain that **doesn't** allow unix logins using LDAP authentication. Do I have to run winbind on this domain samba member? (my guess: Yes) Thank you for the help! Cheers, Raj --- Josh Lindenmuth <[EMAIL PROTECTED]> wrote: > You are correct, you don't need winbindd unless you > are connecting a Windows > domain. > > -Original Message- > From: > [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] > On > Behalf Of Oliver Heering > Sent: Thursday, July 28, 2005 7:32 AM > To: samba@lists.samba.org > Subject: [Samba] What exactly IS the winbind daemon? > > Hi, > > maybe this is a newbie-question, but ... here we go: > > I read the documentation for winbindd several times > now but didn't get > far. We run Samba as primary domain controller for > several dozen > clients and over 3000 users and never used winbind, > so my question is > quite simple: > > What does winbind provide and when do i need it? > I assume that winbind is only used when i use samba > as a client in a > domain with a MS domain controller, is that correct? > > mfg, > Oliver Heering > Medienzentrum der Universität Dortmund > http://www.medienzentrum.uni-dortmund.de > > -- > To unsubscribe from this list go to the following > URL and read the > instructions: > https://lists.samba.org/mailman/listinfo/samba > > -- > To unsubscribe from this list go to the following > URL and read the > instructions: > https://lists.samba.org/mailman/listinfo/samba > __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] error: modify/delete: sambaLMPassword: no such value
Thanks for the info! I'm using samba-3.0.9-1.3E.3 I wonder if upgrading to 3.0.14a (current version) solves this problem. More information about the problem: Instead of using "ldap password sync = yes" in my smb.conf I'm using unix password sync = yes password program = /usr/bin/passwd password chat = ... I chose to use unix password sync because ldap password sync is not updating "shadowlastchange" attribute and it is causing problems for us. I'm using smbk5pwd overlay to sync samba password from unix. If I disable smbk5pwd overaly or use ldap password sync instead of unix password sync I dont see this error message. Thanks again for the info!!! --- "Gerald (Jerry) Carter" <[EMAIL PROTECTED]> wrote: > -----BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Raj Kumar wrote: > | Hello, > | > | Just today I started getting this error message > when > | the user changes his password using smbpasswd. The > | password does change. But I see this error message > in > | the log file and the > | > | machine 127.0.0.1 rejected the password change: > Error > | was : RAP86: The specified password is invalid. > | Failed to change password for luser2 > > It's a bad error code IIRC. If the password is > changed you should be able to just ignore it. It's > been fixed in the current SAMBA_3_0 svn tree. > > > > > > > > > cheers, jerry > = > Alleviating the pain of Windows(tm) --- > http://www.samba.org > GnuPG Key- > http://www.plainjoe.org/gpg_public.asc > "I never saved anything for the swim back." > Ethan Hawk in Gattaca > -BEGIN PGP SIGNATURE- > Version: GnuPG v1.4.0 (GNU/Linux) > Comment: Using GnuPG with Thunderbird - > http://enigmail.mozdev.org > > iD8DBQFC5jgnIR7qMdg1EfYRArDvAJ9nC63+/LbLFlX44Xpz6CSdsi4gzACbBXi2 > W5fjrqiJdqazLA5p1JkWgnk= > =ZRCA > -END PGP SIGNATURE- > Start your day with Yahoo! - make it your home page http://www.yahoo.com/r/hs -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] error: modify/delete: sambaLMPassword: no such value
Hello, Just today I started getting this error message when the user changes his password using smbpasswd. The password does change. But I see this error message in the log file and the machine 127.0.0.1 rejected the password change: Error was : RAP86: The specified password is invalid. Failed to change password for luser2 Jul 25 22:44:53 sambaserver1 smbd[18878]: ldapsam_update_sam_account: failed to modify user with uid = luser2, error: modify/delete: sambaLMPassword: no such value (Success) Jul 25 22:44:53 sambaserver1 smbd[18878]: [2005/07/25 22:44:53, 0] libsmb/smbencrypt.c:decode_pw_buffer(539) Jul 25 22:44:53 sambaserver1 smbd[18878]: decode_pw_buffer: incorrect password length (481736093). Jul 25 22:44:53 sambaserver1 smbd[18878]: [2005/07/25 22:44:53, 0] libsmb/smbencrypt.c:decode_pw_buffer(540) Jul 25 22:44:53 sambaserver1 smbd[18878]: decode_pw_buffer: check that 'encrypt passwords = yes' Jul 25 22:44:53 sambaserver1 samba(pam_unix)[18878]: session closed for user luser2 __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Synchronization of passwords - ldap and samba
Use the overlay smbk5pwd in OpenLDAP 2.3.4 contrib directory However, you might experience some problem if you want to implement password aging. --- linuxlady <[EMAIL PROTECTED]> wrote: > I've configured a LDAP/Samba server. I've got > password syncing working partly: > > -- windows client - users can change their password > and pam_smbpass.so > will change the ldap password. > > -- LDAP server - user logs on to LDAP server, the > ldap password can be > changed and pam_smbpass.so will change the samba > password. > > Here is the problem. On the linux client, the user > can change his > password using the passwd command, and the user's > ldap password will > be changed - but it doesn't seem to change the > user's samba password. > > On the LDAP Server (SuSE 9.3), I'm using: > > /etc/pam.d/passwd > #%PAM-1.0 > auth includecommon-auth > account includecommon-account > password includecommon-password > session includecommon-session > password required pam_smbpass.so use_authtok >use_first_pass > > /etc/samba/smb.conf > ldap password sync = yes > > How can I get password syncing to work from both the > linux and windows clients? > > The linux client is running ubuntu. > > Yasi > -- > To unsubscribe from this list go to the following > URL and read the > instructions: > https://lists.samba.org/mailman/listinfo/samba > __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
