2008/2/21, Rob Mason [EMAIL PROTECTED]:
Hi,
I've had this problem on FreeBSD. Basically the behaviour of 'passwd'
changed somewhere between releases 5 and 7. I solved this by writing a
shell wrapper for the passwd tool. As simple as:
#!/bin/sh
/usr/bin/passwd -l $1
echo Password Changed
Call the file smbpass.sh and alter smb.conf accordingly:
passwd program = /root/smbpass.sh %u
passwd chat = *Password* %n\n *Password* %n\n *Changed*
unix password sync = Yes
Using wrappers makes a great deal of sense...
For a mission critical production system you may want to put more error
checking into the shell script, but hey, you get the idea ;-)
Hope this helps.
R
Jon Theil Nielsen wrote:
I can't get my Samba PDC (FreeBSD 7,0-BETA3) changing UNIX passwords
from Windows clients (Ctrl-Alt-Del).
I now have the password chat debug active and I have loglevel 100.
I am not certain about the syntax in the password chat. But if I from
a console try to change the password of a given user (here testuser1),
I see these lines:
mflserver3# /usr/bin/passwd testuser1
Changing local password for testuser1
New Password: (entering the password)
Retype New Password: (entering it again)
From that i guess the expression in the chat would be:
*Changing*local*password*for* %u\n *New*Password* %n\n
*Retype*New*Password* %n\n
Selected parts of the log shows:
[2008/02/13 17:47:07, 100] smbd/chgpasswd.c:expect(279)
expect: expected [*Changing*local*password*for*] received [Changing
local password for testuser1
New Password:] match yes
[2008/02/13 17:47:07, 10] smbd/chgpasswd.c:expect(290)
expect: returning True
[2008/02/13 17:47:07, 100] smbd/chgpasswd.c:expect(242)
expect: sending [testuser1
]
[2008/02/13 17:47:07, 10] lib/util_sock.c:read_socket_with_timeout(476)
read_socket_with_timeout: timeout read. select timed out.
[2008/02/13 17:47:07, 100] smbd/chgpasswd.c:expect(279)
expect: expected [*New*Password*] received [
Retype New Password:] match yes
[2008/02/13 17:47:07, 10] smbd/chgpasswd.c:expect(290)
expect: returning True
[2008/02/13 17:47:07, 100] smbd/chgpasswd.c:expect(242)
expect: sending [VerySecret
]
[2008/02/13 17:47:10, 10] lib/util_sock.c:read_socket_with_timeout(476)
read_socket_with_timeout: timeout read. select timed out.
[2008/02/13 17:47:10, 100] smbd/chgpasswd.c:expect(279)
expect: expected [*Retype*New*Password*] received [
Mismatch; try again, EOF to quit.
New Password:] match no
[2008/02/13 17:47:10, 2] smbd/chgpasswd.c:expect(285)
expect: Unknown error: 0
[2008/02/13 17:47:10, 3] smbd/chgpasswd.c:talktochild(316)
Response 3 incorrect
[2008/02/13 17:47:10, 3] smbd/chgpasswd.c:chat_with_program(372)
chat_with_program: Child failed to change password: testuser1
[2008/02/13 17:47:10, 3] smbd/sec_ctx.c:pop_sec_ctx(415)
pop_sec_ctx (1035, 1036) - sec_ctx_stack_ndx = 1
[2008/02/13 17:47:10, 5]
rpc_parse/parse_samr.c:init_samr_r_chgpasswd_user(7576)
init_samr_r_chgpasswd_user
[2008/02/13 17:47:10, 5]
rpc_server/srv_samr_nt.c:_samr_chgpasswd_user(1581)
_samr_chgpasswd_user: 1581
[2008/02/13 17:47:10, 5] rpc_parse/parse_prs.c:prs_debug(84)
00 samr_io_r_chgpasswd_user
[2008/02/13 17:47:10, 5] rpc_parse/parse_prs.c:prs_ntstatus(769)
status: NT_STATUS_ACCESS_DENIED
As told, I'm not confident with the syntax. Have I made it wrong? Or
can you see anything else from the log that can pinpoint the problem?
I would believe that there must be several admins out there who use
the combination of of Samba and FreeBSD without having these problems.
Cheers,
Jon Theil Nielsen
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Hi,
Thanks for this idea. I did't see it until now, but I will try it out for
sure.
Regards,
Jon
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
