Re: [Samba] unix password sync
If you configure Samba4 as a AD DC or member server, there is not need for Unix users to be created at all since the user database is stored on the AD itself and not in passwd or similar. You can even allow AD users to access the Unix machine, create home directories on the fly and many other things by properly configuring winbind and PAM. BTW, I was using the "unix password sync" option in Samba3 until a couple of months ago, without hassle. Best regards. On Wed, Aug 21, 2013 at 10:18 PM, Krzysztof Szarlej wrote: > Hi guys, Back in the days i tried to configure samba 3 and I had problem > with bugged unix password sync option. It didnt work. > > Is this problem solved in Samba 4? > > Regards > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] unix password sync
Hi guys, Back in the days i tried to configure samba 3 and I had problem with bugged unix password sync option. It didnt work. Is this problem solved in Samba 4? Regards -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] unix password sync doesnt work
Did you solve this? Are you using different (older) version of samba? 2013/6/30 Björn JACKE > On 2013-06-30 at 11:39 +0200 Krzysztof Szarlej sent off: > > Hi I am struggling with samba password syncing. Everything works fine but > > this syncing. It simply doesnt work, I was setting it according to > > different tutorials aswell as samba docs. > > > > > > My [global] in smb.conf looks as follows I have been changing passwd chat > > directive to passwd chat = New*password: %n\n Retype*new*password: %n\n > > passwd:*all*authentication*tokens*updated*successfully but also it didnt > > work. > > > > [global] > > workgroup = WORKGROUP > > security = user > > map to guest = bad user > > unix password sync = yes > > passwd program = /usr/bin/passwd %u > > sorry, the "password program" parameter is not usable curently. Have a > look at > https://bugzilla.samba.org/show_bug.cgi?id=8299 - maybe this is your > issue, > too. > > Björn > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] unix password sync doesnt work
On 2013-06-30 at 11:39 +0200 Krzysztof Szarlej sent off: > Hi I am struggling with samba password syncing. Everything works fine but > this syncing. It simply doesnt work, I was setting it according to > different tutorials aswell as samba docs. > > > My [global] in smb.conf looks as follows I have been changing passwd chat > directive to passwd chat = New*password: %n\n Retype*new*password: %n\n > passwd:*all*authentication*tokens*updated*successfully but also it didnt > work. > > [global] > workgroup = WORKGROUP > security = user > map to guest = bad user > unix password sync = yes > passwd program = /usr/bin/passwd %u sorry, the "password program" parameter is not usable curently. Have a look at https://bugzilla.samba.org/show_bug.cgi?id=8299 - maybe this is your issue, too. Björn -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] unix password sync doesnt work
Hi I am struggling with samba password syncing. Everything works fine but this syncing. It simply doesnt work, I was setting it according to different tutorials aswell as samba docs. My [global] in smb.conf looks as follows I have been changing passwd chat directive to passwd chat = New*password: %n\n Retype*new*password: %n\n passwd:*all*authentication*tokens*updated*successfully but also it didnt work. [global] workgroup = WORKGROUP security = user map to guest = bad user unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *New password* %n\n *new password* %n\n *success* debug level = 100 passwd chat debug = yes I am running Samba 3.6.9 on Centos 6.4 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] unix password sync doesnt work
Hi I am struggling with unix password sync. My samba works good but it cannot sync the password . My [global] look as follows: -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Unix password sync
>On Fri, May 14, 2010 at 3:46 PM, Alessandro Grandi wrote: > > If I login the server as a user of the domain and I try: > > $smbpasswd > > I put the old password, then the new and I get the following: > > "SAMR connection to machine NT_STATUS_ACCESS_DENIED failed. Error was > > 127.0.0.1, but LANMAN password changed are disabled. > > Failed to change password for " > This is bug #2128 - https://bugzilla.samba.org/show_bug.cgi?id=2128 > Originally reported for version 3.0.8 and still broken in 3.5.2. Makes > it impossible to test unix password sync without a Windows box. > > You probably have to edit your password chat. Visually examine what > happens when you change the unix password and edit the chat to match. I tryied to edit my "passwd chat" but it still don't work. This is my output when I change the user password (as root): #passwd silvia Immettere nuova password UNIX: Reimmettere la nuova password UNIX: passwd: password aggiornata correttamente So my passwd chat is: passwd chat = *Immettere*nuova*password*UNIX:*%n*\n* *Reimmettere*la*nuova*password*UNIX:*%n*\n* *passwd:*password*aggiornata*correttamente* but it still don't work. I tried also some different values for passwd chat (even something like: passwd chat = *nuova*password*%n*\n* *nuova*password*%n*\n* *password*) but no way... Maybe there is something I've not understood in the passwd chat sintax? I don't know... I'd like to setup this feature but it's not a critical one (I don't think I'll setup LDAP just for this). Thank you everyone is spending time to answer me! (I appreciate it so much :-) Alessandro -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Unix password sync
On Fri, May 14, 2010 at 3:46 PM, Alessandro Grandi wrote: > If I login the server as a user of the domain and I try: > $smbpasswd > I put the old password, then the new and I get the following: > "SAMR connection to machine NT_STATUS_ACCESS_DENIED failed. Error was > 127.0.0.1, but LANMAN password changed are disabled. > Failed to change password for " This is bug #2128 - https://bugzilla.samba.org/show_bug.cgi?id=2128 Originally reported for version 3.0.8 and still broken in 3.5.2. Makes it impossible to test unix password sync without a Windows box. You probably have to edit your password chat. Visually examine what happens when you change the unix password and edit the chat to match. Chris -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Unix password sync
Hi! I'm new in this list and i'm quite new to samba. I'm trying to configure samba as a PDC for a Windows XP network. Samba version: 3.2.5 on Debian Lenny 5.0.4 The domain works, as well profiles. The problem is the "unix password sync" options. My values are: |unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *Enter* new*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *passwd: *all* authentication*tokens*updated*successfully*| When i try to change the password from the windows client using an account of the domain (Ctrl+Alt+Canc and then Change password) I get the following message: You do not have permission to change your password. I noticed that when I try to change a password on the server (as root) #smbpasswd It changes the samba password only, but not the linux one. If I login the server as a user of the domain and I try: $smbpasswd I put the old password, then the new and I get the following: "SAMR connection to machine NT_STATUS_ACCESS_DENIED failed. Error was 127.0.0.1, but LANMAN password changed are disabled. Failed to change password for " I googled a lot and I found lot of people asking about problems like this but no solutions. Anyway I hope someone can help me with this :-) What I tryied: 1) I'm Italian, so I tried to change the passwd chat, but didn't work. 2) I've set lanman auth = yes client lanman auth = yes and then when I try (as a domain user) $smbpasswd I get a different error: "machine 127.0.0.1 rejected the password change: Error was : RAP86: The specified password is invalid. Password changed for user " But the password don't change! I hope someone can give me some hint to solve the problem :-) Thank you! Alessandro Grandi -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba/Unix password sync with LDAP backend
On 03/15/2010 12:33 PM, simo wrote: On Mon, 2010-03-15 at 12:27 -0400, Gaiseric Vandal wrote: I am using Sun Directory Server. I believe that both the Sun Directory server and the RedHat/Fedora directory server are forks of the earlier Iplanet/Netscape directory server.The samba servers are running on Solaris. With a local (non-ldap) password, root can easily use the passwd command to change a user's password, since entering the old password is not required. But with ldap accounts this doesn't work- if root tries to change another user's password with "passwd -r ldap", the old password is required. Instead you need to use the "ldapasswd" command and authenticate as a user with the appropriate ldap administrative powers. my smb.conf includes passwd program = /etc/samba/smbldappasswd.sh %u passwd chat =*New* %n\n *changed* unix password sync = yes Why don't you use "ldap passwd sync" instead ? Simo. This didn't work last time I tried it. At some point I had unix accounts in NIS, and samba accounts in TDB (local database file on the PDC.) I then moved unix accounts to LDAP. Finally I migrated all the Windows account info out of TDB into LDAP. I think I tried the "ldap passwd sync" option when unix account info was in LDAP but samba passwords were still in TDB. I will try it again now that everything is 100% in LDAP. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba/Unix password sync with LDAP backend
On Mon, 2010-03-15 at 12:27 -0400, Gaiseric Vandal wrote: > > I am using Sun Directory Server. I believe that both the Sun > Directory > server and the RedHat/Fedora directory server are forks of the > earlier > Iplanet/Netscape directory server.The samba servers are running > on > Solaris. With a local (non-ldap) password, root can easily use the > passwd command to change a user's password, since entering the old > password is not required. But with ldap accounts this doesn't work- > if > root tries to change another user's password with "passwd -r ldap", > the > old password is required. Instead you need to use the "ldapasswd" > command and authenticate as a user with the appropriate ldap > administrative powers. > > my smb.conf includes > > passwd program = /etc/samba/smbldappasswd.sh %u > passwd chat =*New* %n\n *changed* > unix password sync = yes > Why don't you use "ldap passwd sync" instead ? Simo. -- Simo Sorce Samba Team GPL Compliance Officer Principal Software Engineer at Red Hat, Inc. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba/Unix password sync with LDAP backend
On 03/14/2010 04:07 PM, Miguel Medalha wrote: I have been using Samba+Linux+openLDAP. The password synchronization between the Samba and Unix accounts works well with the use of the "ldap passwd sync" parameter in smb.conf. Now I am in the process of installing my first server using CentOS/Red Hat/389 Directory Server and this does not work in the same way. It seems that some additional software must be installed in each Windows client machine in order to enable password sync. I noticed that it is possible to include the "nss_map_attribute" option in /etc/ldap.conf. Would it be possible to map the "userPassword" attribute to the "sambaNTPassword" attribute in order to have both password requests pointing to a single place? Of course I can experiment with this, but I thought that perhaps someone here has already some acquired knowledge on this... Thank you! I am using Sun Directory Server. I believe that both the Sun Directory server and the RedHat/Fedora directory server are forks of the earlier Iplanet/Netscape directory server.The samba servers are running on Solaris. With a local (non-ldap) password, root can easily use the passwd command to change a user's password, since entering the old password is not required. But with ldap accounts this doesn't work- if root tries to change another user's password with "passwd -r ldap", the old password is required. Instead you need to use the "ldapasswd" command and authenticate as a user with the appropriate ldap administrative powers. my smb.conf includes passwd program = /etc/samba/smbldappasswd.sh %u passwd chat =*New* %n\n *changed* unix password sync = yes #cat /etc/samba/smbldappasswd.sh #!/bin/bash USER="uid="$1",ou=people,o=mydomain.com" echo -n New password: read NEWPASS #uncomment the following 3 lines for diagnostics only #date >> /etc/samba/smbldappasswd.log #echo $USER >> /etc/samba/smbldappasswd.log #echo $NEWPASS >> /etc/samba/smbldappasswd.log /opt/SUNWdsee/dsee6/bin/ldappasswd -h obelix -D "LDAP Admin" -w ldap_admin_password -v -s $NEWPASS $USER The script is owned by root, with perms 700. I really did not like putting a password in a script but couldn't find away around it. The other approach I had tried, with out luck, was trying to pass old password (%o) to the "passwd -r" command. I don't think the old password got passed to the "passwd program." -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba/Unix password sync with LDAP backend
I suppose that this is not possible due to differences in hashing methods. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba/Unix password sync with LDAP backend
I have been using Samba+Linux+openLDAP. The password synchronization between the Samba and Unix accounts works well with the use of the "ldap passwd sync" parameter in smb.conf. Now I am in the process of installing my first server using CentOS/Red Hat/389 Directory Server and this does not work in the same way. It seems that some additional software must be installed in each Windows client machine in order to enable password sync. I noticed that it is possible to include the "nss_map_attribute" option in /etc/ldap.conf. Would it be possible to map the "userPassword" attribute to the "sambaNTPassword" attribute in order to have both password requests pointing to a single place? Of course I can experiment with this, but I thought that perhaps someone here has already some acquired knowledge on this... Thank you! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] unix password sync not working
Howdy, > >I am having problems with synchronisation of samba passwords with unix >passwords. I have set the following in my smb.conf: > >unix password sync = Yes >pam password change = yes >passwd program = /usr/bin/passwd %u >passwd chat = *New*UNIX*password* %n\n *Re*ype*new*UNIX*password* %n\n \ >passwd:*all*authentication*tokens*updated*successfully* >passwd chat debug = yes > > >When trying to change the unix password i have the following: > >samba # smbpasswd bill >New SMB password: >Retype new SMB password: > > >The samba password is changed, however, the unix password in /etc/shadow >is not altered. Even though I have set the passwd chat debug option to >Yes, I do not see any entries in the log file when I run smbpasswd. The >log level is set to 10. Password chat debug only appears at log level 100, as it has the clear-text of passwords in it. Be very careful who can access those log files. Mac Assistant Systems Adminstrator @nibsc.ac.uk [EMAIL PROTECTED] Work: +44 1707 641565 Everything else: +44 7956 237670 (anytime) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] unix password sync not working
Hallo, Andrei, Du (mlists) meintest am 23.10.08: > When trying to change the unix password i have the following: > samba # smbpasswd bill > New SMB password: > Retype new SMB password: > The samba password is changed, however, the unix password in > /etc/shadow is not altered. Even though I have set the passwd chat > debug option to Yes, I do not see any entries in the log file when I > run smbpasswd. The log level is set to 10. Maybe the Linux password program says "password to short"; try it on a console. Or try a password like "a1B2c3D-" with uppercase, numbers etc. Viele Gruesse! Helmut -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] unix password sync not working
Hi I am having problems with synchronisation of samba passwords with unix passwords. I have set the following in my smb.conf: unix password sync = Yes pam password change = yes passwd program = /usr/bin/passwd %u passwd chat = *New*UNIX*password* %n\n *Re*ype*new*UNIX*password* %n\n \ passwd:*all*authentication*tokens*updated*successfully* passwd chat debug = yes When trying to change the unix password i have the following: samba # smbpasswd bill New SMB password: Retype new SMB password: The samba password is changed, however, the unix password in /etc/shadow is not altered. Even though I have set the passwd chat debug option to Yes, I do not see any entries in the log file when I run smbpasswd. The log level is set to 10. What am I missing here? Many thanks Andrei -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] unix password sync causes domain joining problem?
Hello, Today I've been trying to set up new test based on 3.0.25b. In some ways I've managed to join Windows machines to domain but not linux machine. All the time I get: test1:/etc# /opt/samba-3.0.25b/bin/net rpc join -U giedz%qwerty [2007/07/26 19:11:21, 0] utils/net_rpc_join.c:net_rpc_join_newstyle(304) error setting trust account password: NT_STATUS_ACCESS_DENIED Unable to join domain GIEDZ. test1:/etc# I checked test1.log file and got: [2007/07/26 17:19:59, 5] auth/auth_util.c:debug_unix_user_token(474) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2007/07/26 17:19:59, 10] lib/gencache.c:gencache_get(226) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Thu Jul 26 17:26:37 2007 [2007/07/26 17:19:59, 3] smbd/sec_ctx.c:pop_sec_ctx(356) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2007/07/26 17:19:59, 5] lib/username.c:Get_Pwnam_alloc(131) Finding user test1$ [2007/07/26 17:19:59, 5] lib/username.c:Get_Pwnam_internals(75) Trying _Get_Pwnam(), username as lowercase is test1$ [2007/07/26 17:19:59, 5] lib/username.c:Get_Pwnam_internals(93) Trying _Get_Pwnam(), username as uppercase is TEST1$ [2007/07/26 17:19:59, 5] lib/username.c:Get_Pwnam_internals(102) Checking combinations of 0 uppercase letters in test1$ [2007/07/26 17:19:59, 5] lib/username.c:Get_Pwnam_internals(108) Get_Pwnam_internals didn't find user [test1$]! [2007/07/26 17:19:59, 1] rpc_server/srv_samr_nt.c:set_user_info_pw(3410) chgpasswd: Username does not exist in system !?! [2007/07/26 17:19:59, 3] smbd/chgpasswd.c:chgpasswd(462) chgpasswd: Password change (as_root=Yes) for user: test1$ [2007/07/26 17:19:59, 0] smbd/chgpasswd.c:chgpasswd(521) chgpasswd: user test1$ doesn't exist in the UNIX password database. [2007/07/26 17:19:59, 3] smbd/sec_ctx.c:pop_sec_ctx(356) pop_sec_ctx (1001, 513) - sec_ctx_stack_ndx = 0 [2007/07/26 17:19:59, 5] rpc_parse/parse_prs.c:prs_debug(84) 00 samr_io_r_set_userinfo [2007/07/26 17:19:59, 5] rpc_parse/parse_prs.c:prs_ntstatus(769) status: NT_STATUS_ACCESS_DENIED Really strange...why UNIX password database since I have LDAP. In my smb.conf file I have: ldap passwd sync = No unix password sync = Yes passwd program = /opt/samba-3.0.25b/bin/spasswd.pl -u %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n Looks normal. However "unix password sync = Yes" prevents me from joining linux machine to domain. When I remove the line I can join domain well. I also found that if "unix password sync = Yes" my LDAP gets queries regarding test1$ (machine name) in ou=people tree which seems like a mistake/bug? Jul 26 17:19:59 zastest slapd[27192]: conn=82 op=1 SRCH base="ou=people,dc=giedz,dc=pl" scope=1 deref=0 filter="(&(objec tClass=posixAccount)(uid=test1$))" Jul 26 17:19:59 zastest slapd[27192]: conn=82 op=1 SRCH attr=uid userPassword uidNumber gidNumber cn homeDirectory login Shell gecos description objectClass Jul 26 17:19:59 zastest slapd[27192]: conn=82 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text= or maybe I do something wrong? Can you please correct me or confirm this strange behaviour. Regards, Marcin -- ARISE M.Giedz, T.Żebruń sp.j. http: www.arise.pl mail: [EMAIL PROTECTED] tel: +48 502 537 157 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] unix password sync not working: "Error was : RAP86: The specified password is invalid"
Hi, we've have a NT domain with samba 3.0.7 on FreeBSD 5.3 and windows XP clients. We use NIS as the Unix backend for user authentication. The User home dir are setup on a other serveur and shared via NFS. Everything used to work fine but since few days the users are unable to change their password either via windows dialog box (the get the usual message "You don't have the permissions to change your password") or via smbpasswd after login onto the Samba PDC server where they get this error message "machine 127.0.0.1 rejected the password change: Error was : RAP86: The specified password is invalid. Failed to change password for " I don't know if this is related, but when trying to change the password, samba logs shows that among others debug message "[2006/11/05 22:50:02, 3] smbd/chgpasswd.c:chat_with_program(347) [2006/11/05 22:50:02, 3] smbd/chgpasswd.c:chat_with_program(347) [2006/11/05 22:50:02, 3] smbd/chgpasswd.c:chat_with_program(347) chat_with_program: Cannot Allocate pty for password change: util chat_with_program: Cannot Allocate pty for password change: util chat_with_program: Cannot Allocate pty for password change: util " Setting "Unix password sync = No" permits to workaround the problem but it would be great if we could use the unix password sync functionnality again. I've also noticed than root is able to change the password of any user using smbclient. As far as i can remember, the only configuration change i've made is to change the unix uid of some NIS user and to migrate the server where are kept user home dir to a new one. Here is our minimalistic smb.conf. smb.conf (result of `testparm -s`) # Global parameters [global] workgroup = passdb backend = tdbsam passwd program = /usr/bin/yppasswd %u passwd chat = *\n*ew\spassword* %n\n *ew\spassword* %n\n *Changed*\n password level = 6 unix password sync = Yes log file = /var/log/samba/log.%m logon drive = Z: domain logons = Yes domain master = Yes ldap ssl = no [homes] comment =User Home dir path = %H read only = No [hp-color] comment = HP printer path = /tmp guest ok = Yes printable = Yes printer name = hp-color [netlogon] path = /var/samba/netlogon guest ok = Yes browseable = No == Thanks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] unix password sync = yes, did not sync unix passwd
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 09/12/2006 03:38 AM, beast escreveu: > I'm not sure when the last time I run smbpasswd to change the user > password, however when I run it only change NT and LM hash attribute, > not the unix passwd attributes. > > smb.conf: > ... > passdb backend = ldapsam:"ldap://127.0.0.1"; > unix password sync = yes > passwd program = /usr/local/sbin/passwd.pl %u > passwd chat = *New*password* %n\n *Retype*new*password* %n\n > *passwd:*all*authentication*tokens*updated*successfully* Are you using LDAP? What about using 'ldap passwd sync'? > However it was working find (able to change unix as well as NT password) > when I run from Windows client, such as: > c:\> net user example testonly /domain > > This is incorrect, at least per (surprise) pdbedit documentation: > Note > > pdbedit does not call the unix password syncronisation > script if > unix password sync has been set. It only updates the data > in the > Samba user database. > > If you wish to add a user and synchronise the password > that im- > mediately, use smbpasswd's -a option. > > Ver: samba-3.0.20b > > > --beast Kind regards, - -- Felipe Augusto van de Wiel <[EMAIL PROTECTED]> Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iD8DBQFFDqC8Cj65ZxU4gPQRAsLuAKCnRec3ktz9sDhNi0B6EX9Wti+13ACdHiyO 19OZ8FjG8iF2f5J+dDoyVUc= =oz+1 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] unix password sync = yes, did not sync unix passwd
I'm not sure when the last time I run smbpasswd to change the user password, however when I run it only change NT and LM hash attribute, not the unix passwd attributes. smb.conf: ... passdb backend = ldapsam:"ldap://127.0.0.1"; unix password sync = yes passwd program = /usr/local/sbin/passwd.pl %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* However it was working find (able to change unix as well as NT password) when I run from Windows client, such as: c:\> net user example testonly /domain This is incorrect, at least per (surprise) pdbedit documentation: Note pdbedit does not call the unix password syncronisation script if unix password sync has been set. It only updates the data in the Samba user database. If you wish to add a user and synchronise the password that im- mediately, use smbpasswd's -a option. Ver: samba-3.0.20b --beast -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] unix password sync not working
On Thu, 13 Jul 2006 14:23:14 -0800 Damien Hull <[EMAIL PROTECTED]> wrote: > > And yes, I did it with '/usr/bin/passwd %u' too. No success, no traces. > > > > Maybe the developers have some light the shed on this. (anyone?,please?) > > > > Still waiting for directions... > > > I'm seeing the same thing. I configured samba to update the Unix/Linux > account but it isn't working. I don't have a lot of users at the moment > so changing Linux and samba passwords isn't a big issue. However, I > would like to know why this isn't working. Anyone else to join the choir?? Developers, would you mind to give us a hand here? A FAQ maybe!? Regards Ethy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] unix password sync not working
Ethy H. Brito (by way of Ethy H. Brito <[EMAIL PROTECTED]>) wrote: On Thu, 13 Jul 2006 10:18:13 -0500 Adam Williams <[EMAIL PROTECTED]> wrote: ls -l /tmp/teset results in what? mayve you should comment that out and uncomment the /ur/bin/passwd %u line. Mr. Willians Thank you for your time. As I said earlier, 'passwd program' is not called! But answering to your question: [EMAIL PROTECTED]:~# ls -l /tmp/teste -rwx-- 1 root root 48 2006-07-12 15:42 /tmp/teste* There is no trace of execution (or tentative to execute) the passwd program on the logs (/var/log/samba/log.%m in my setup). And yes, I did it with '/usr/bin/passwd %u' too. No success, no traces. Maybe the developers have some light the shed on this. (anyone?,please?) Still waiting for directions... Regards Ethy I'm seeing the same thing. I configured samba to update the Unix/Linux account but it isn't working. I don't have a lot of users at the moment so changing Linux and samba passwords isn't a big issue. However, I would like to know why this isn't working. I can't offer any logs etc... I haven't had time to dig into the problem. Oh, here's what I'm using 1. Ubuntu Dapper 2. Samba from apt-get 3. workgroup ( no domain ) 4. Using SWAT and Webmin to configure samba 5. It works! ( users connect and access files ) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] unix password sync not working
On Thu, 13 Jul 2006 10:18:13 -0500 Adam Williams <[EMAIL PROTECTED]> wrote: > ls -l /tmp/teset results in what? mayve you should comment that out and > uncomment the /ur/bin/passwd %u line. > Mr. Willians Thank you for your time. As I said earlier, 'passwd program' is not called! But answering to your question: [EMAIL PROTECTED]:~# ls -l /tmp/teste -rwx-- 1 root root 48 2006-07-12 15:42 /tmp/teste* There is no trace of execution (or tentative to execute) the passwd program on the logs (/var/log/samba/log.%m in my setup). And yes, I did it with '/usr/bin/passwd %u' too. No success, no traces. Maybe the developers have some light the shed on this. (anyone?,please?) Still waiting for directions... Regards Ethy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] unix password sync not working
On Thu, 2006-07-13 at 12:14 -0300, Ethy H. Brito wrote: > On Wed, 12 Jul 2006 18:53:56 -0300 > "Ethy H. Brito" <[EMAIL PROTECTED]> wrote: > > Hi again > > Can anyone help me with this, please? > Any doc, FAQ, whatever? I am not afraid reading these. > Google was not my friend this time (or maybe I did not know how to ask). > > > passwd program = /tmp/teste %u Ummm, most /tmp directories have "noexec" hardwired on them. It you do not have that, then who owns the File and is it set to runs as the owner? [EMAIL PROTECTED]:tmp]$ ls -l test.sh -rwsr-xr-x 1 root root 20 2006-07-13 11:43 test.sh [EMAIL PROTECTED]:tmp]$ ls -l /usr/bin/passwd -rwsr-xr-x 1 root root 26616 2005-05-18 02:33 /usr/bin/passwd in any case for these kinds of thing, are best kept to protected filesystems. /tmp isn't a good idea. I had to remount with exec enabled. I believe the real problem though is the fact samba is expecting the program to be suid, if I am not mistaken. -- greg, [EMAIL PROTECTED] The technology that is Stronger, Better, Faster: Linux Use Debian GNU/Linux, its a bazaar thing NOTICE: Due to Presidential Executive Orders, the National Security Agency may have read this email without warning, warrant, or notice, and certainly without probable cause. They may do this without any judicial or legislative oversight. You have no recourse nor protection. signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] unix password sync not working
On Wed, 12 Jul 2006 18:53:56 -0300 "Ethy H. Brito" <[EMAIL PROTECTED]> wrote: Hi again Can anyone help me with this, please? Any doc, FAQ, whatever? I am not afraid reading these. Google was not my friend this time (or maybe I did not know how to ask). Regards Ethy > > Hi all > > I trying to sync a samba password with Linux password. I did: > > encrypt passwords = yes > ;passwd program = /usr/bin/passwd %u > passwd program = /tmp/teste %u > update encrypted = no > unix password sync = yes > passwd chat debug = yes > passwd chat = *New*password* %n\n*Re-enter*new*password* %n\n*changed* > > The problem is 'passwd program' is not even called. > > I tried to set 'log level = 100' as said at smb.conf with 'passwd chat debug > = yes' without success. pw prog is still not even called and no log output is > generated which resembles a password exchange. > > (for the curious: /tmp/teste is just a bash script that cat's its parameters > to > a file) > > Environment: > Slackware 10.2 > Samba 3.0.22b > > Any clues to solve this?? > > Regards > > -- > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] unix password sync not working
Hi all I trying to sync a samba password with Linux password. I did: encrypt passwords = yes ;passwd program = /usr/bin/passwd %u passwd program = /tmp/teste %u update encrypted = no unix password sync = yes passwd chat debug = yes passwd chat = *New*password* %n\n*Re-enter*new*password* %n\n*changed* The problem is 'passwd program' is not even called. I tried to set 'log level = 100' as said at smb.conf with 'passwd chat debug = yes' without success. pw prog is still not even called and no log output is generated which resembles a password exchange. (for the curious: /tmp/teste is just a bash script that cat's its parameters to a file) Environment: Slackware 10.2 Samba 3.0.22b Any clues to solve this?? Regards -- Ethy H. Brito /"\ InterNexo Ltda. \ / CAMPANHA DA FITA ASCII - CONTRA MAIL HTML +55 (12) 3979-6860 X ASCII RIBBON CAMPAIGN - AGAINST HTML MAIL S.J.Campos - Brasil / \ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] unix password sync
Dear all: Sorry if this has been posted before, I have a samba server ( 3.0.7 ) running on Fedora Core 1 ( kernel upgraded to 2.6.11) as PDC. I just couldn't make the unix password sync option work. Below is the configuration: unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* passwd chat debug = yes log level = 100 I've tried reading the man page and samba.org documents and have changed the settings around according to various suggestions, none of them worked. Any help would be appreciated. hc -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Unix Password Sync -- Are Passwords Encryped?
On Wed, May 25, 2005 at 11:12:04AM -0700, Charles McLaughlin wrote: > Hello, > > For Unix Password Sync, I am curios how Samba can provide the passwd > program with an unencrypted password. > > If a Windows user presses Control+Alt+Delete and changes their password, > are the passwords sent over the network in plain text? Does Samba > decrypt the password, then provide it to the passwd program? Yes. The new plaintext password is encrypted with the hash of the old password. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Unix Password Sync -- Are Passwords Encryped?
Hello, For Unix Password Sync, I am curios how Samba can provide the passwd program with an unencrypted password. If a Windows user presses Control+Alt+Delete and changes their password, are the passwords sent over the network in plain text? Does Samba decrypt the password, then provide it to the passwd program? Thanks, Charles -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Unix-password-sync in LDAP?
man, 04.04.2005 kl. 19.34 skrev Matthias Spork: > how can I change the user-passwords correctly in my OpenLDAP during > Windows-password-change? > My problem: The script does only change "userPassword", but not the > field "shadowLastChange", so my unix-passwords > expired. shadowLastChange (a specific LDAP attribute for objectClass shadowAccount that doesn't have to be there at all) has nothing to do with Samba or Windows. > unix password sync = yes userPassword is an LDAP attribute for objectClass posixAccount that *does* have to be there for Samba. "unix password sync = yes" applies to posixAccount, not to shadowAccount. --Tonni -- Nothing sucksseeds like a pigeon without a beak ... mail: [EMAIL PROTECTED] http://www.billy.demon.nl They love us, don't they, They feed us, won't they ... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Unix-password-sync in LDAP?
Hello, how can I change the user-passwords correctly in my OpenLDAP during Windows-password-change? My problem: The script does only change "userPassword", but not the field "shadowLastChange", so my unix-passwords expired. unix password sync = yes passwd program = /etc/samba/scripts/ldap_userPassword_change %u passwd chat = *New*password* %n\n *new*password* %n\n *Success* #/etc/samba/scripts/ldap_userPassword_change ldappasswd -x -h server-D 'uid=userPassChange,ou=administration,o=dom,c=com' -w pass -S uid=$1,ou=users,o=dom,c=com Regards; matze -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba unix password sync
Hi there, >I know I had posted this question a while ago, but I have just not been >able to get it to work. I am trying to sync samba passwords with unix >passwords and it is just not working. I have attached the >results of > >If anyone can provide any suggestions that would help me solve my >problem I would highly appreciative. If I run smbpasswd through ssh or >even at a local terminal, I get the error "RAP86" saying that the >password is invalid. RAP86 is the general purpose 'it didn't work' error message. It doesn't necessarily mean that any particluar password is invalid. It's just that you're dealing with account-names and passwords, so the system doesn't give useful messages like 'account doesn't exist' or 'old passowrd was mis-typed' because that sort of info is useful to people trying to break in to your system. I notice you have 'passwd chat debug' turned off. I suggest that you turn it on, and see what's happening when the password sync happens. Don't forget that you'll need to raise the debug level to something like '100' to see the chat debug. And also be aware that the passwords you type will be visible in the log file. I recommend you don't do this on a production server. Do it on a test one if you possibly can. I've worked through this sort of mess before, so if you get utterly stuck then please mail me off-list with the details. Mac Assistant Systems Adminstrator @nibsc.ac.uk [EMAIL PROTECTED] Work: +44 1707 641565 Everything else: +44 7956 237670 (anytime) -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba unix password sync
Hello all: I know I had posted this question a while ago, but I have just not been able to get it to work. I am trying to sync samba passwords with unix passwords and it is just not working. I have attached the results of "testparm -sv /etc/samba/smb.conf > smbconfig.txt" with this email. I have also attached the "net groupmap list" results. If anyone can provide any suggestions that would help me solve my problem I would highly appreciative. If I run smbpasswd through ssh or even at a local terminal, I get the error "RAP86" saying that the password is invalid. If I try to change the password through Ctrl+Alt+Del on one of my WinXP domain client machines I get a "You do not have permission to change your password" error. So basically the user is unable to change his password with a single command (smbpasswd). I am wondering if there is something really obvious that I am missing. # Global parameters [global] dos charset = CP850 unix charset = UTF-8 display charset = LOCALE workgroup = VEL realm = netbios name = MISFIT netbios aliases = netbios scope = server string = VEL Domain Server interfaces = bind interfaces only = No security = USER auth methods = encrypt passwords = Yes update encrypted = No client schannel = Auto server schannel = Auto allow trusted domains = Yes hosts equiv = min passwd length = 5 map to guest = Never null passwords = No obey pam restrictions = No password server = * smb passwd file = /etc/samba/smbpasswd private dir = /etc/samba passdb backend = smbpasswd algorithmic rid base = 1000 root directory = guest account = nobody pam password change = No passwd program = /usr/bin/passwd %u passwd chat = *new password* %n\n *new password* %n\n *success* passwd chat debug = No passwd chat timeout = 2 username map = /etc/samba/smbusers password level = 0 username level = 0 unix password sync = Yes restrict anonymous = 0 lanman auth = Yes ntlm auth = Yes client NTLMv2 auth = No client lanman auth = Yes client plaintext auth = Yes preload modules = log level = 2 syslog = 1 syslog only = No log file = /var/log/samba/log.%m max log size = 50 timestamp logs = Yes debug hires timestamp = No debug pid = No debug uid = No smb ports = 445 139 protocol = NT1 large readwrite = Yes max protocol = NT1 min protocol = CORE read bmpx = No read raw = Yes write raw = Yes disable netbios = No acl compatibility = nt pipe support = Yes nt status support = Yes announce version = 4.9 announce as = NT max mux = 50 max xmit = 16644 name resolve order = lmhosts wins host bcast max ttl = 259200 max wins ttl = 518400 min wins ttl = 21600 time server = No unix extensions = Yes use spnego = Yes client signing = auto server signing = No client use spnego = Yes change notify timeout = 60 deadtime = 0 getwd cache = Yes keepalive = 300 kernel change notify = Yes lpq cache time = 10 max smbd processes = 0 paranoid server security = Yes max disk size = 0 max open files = 1 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 use mmap = Yes hostname lookups = No name cache timeout = 660 load printers = Yes printcap cache time = 0 printcap name = cups disable spoolss = No enumports command = addprinter command = deleteprinter command = show add printer wizard = Yes os2 driver map = mangling method = hash2 mangle prefix = 1 stat cache = Yes machine password timeout = 604800 add user script = delete user script = add group script = delete group script = add user to group script = delete user from group script = set primary group script = add machine script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u shutdown script = abort shutdown script = logon script = logon path = \\%N\%U\profile logon drive = logon home = \\%N\%U domain logons = Yes os level = 33 lm announce = Auto lm interval = 60 preferred master = Auto local master = Yes domain master = Yes browse list = Yes enhanced browsing = Yes dns proxy = Yes wins proxy = No wins server = wins support = No wins hook = wins partners = kernel oplocks = Yes lock spin count = 3 lock spin time = 10 oplock break wait time = 0 ldap suffix = ldap machine suffix = ldap user suffix = ldap group suffix = ldap idmap suffix = ldap filter = (uid=%u) ldap admin dn = ldap ssl = no ldap passwd sync = no ldap delete dn = No ldap replication sleep = 1000 add share command = change share command = delete share command = config file = preload = lock directory = /var/cache/samba pid directory = /var/run utmp directory = wtmp directory = utmp = No default service = message command = dfree command = get quota command = set quota command = remote announce = remote browse sync = socket address = 0.0.0.0 homedir map = auto.home afs use
Re: [Samba] unix password sync not working
Thanks Aria, I do use a non-dictionary based 8 character length password with a mix of alpha-numerics. If it got any more complicated then my users would be emailing me everyday for password change. But still no luck. Thanks for your suggestion Ganesh Aria Bamdad wrote: The only restriction that I know of is on the length (per the smb.conf parameter). You may want to try it using a password that complies. Aria. On Thu, 12 Aug 2004 12:10:06 -0500 you said: This is a multi-part message in MIME format. --05040201010603080307 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Thanks Aria, The smbd daemon is running. I did check that. I can do a smbclient -L testserver. Also I did use an 8 character password (my usual length). Is it possible the password change is failing because I am using a dictionary based password? Is that possible? Do I need to consider turning down the password complexity requirements and check it again? The only question is how do I do that? Thanks for your help in advance. Ganesh Aria Bamdad wrote: Oddly enough, if you issue smbpasswd from a user (other than root), the password is changed in both places (unix & smb). However, if root issues smbpasswd for a user, then only the samba password is changed. Ganesh, in your case, make sure that your smbd daemon is running. Another problem that can cause this error is if you change the password to something shorter than 5 characters (the default). Try a longer password. Aria. On Wed, 11 Aug 2004 16:58:44 -0500 you said: I have this problem too. I found this link by googling but no luck. I get a RAP86 error when I enter smbpasswd. If you do find a solution, please do post it to the list. Thanks Ganesh http://freebooks.by.ru/view/SambaIn24h/ch16-02.htm --05040201010603080307 Content-Type: text/html; charset=us-ascii Content-Transfer-Encoding: 7bit Thanks Aria, The smbd daemon is running. I did check that. I can do a smbclient -L testserver. Also I did use an 8 character password (my usual length). Is it possible the password change is failing because I am using a dictionary based password? Is that possible? Do I need to consider turning down the password complexity requirements and check it again? The only question is how do I do that? Thanks for your help in advance. Ganesh Aria Bamdad wrote: Oddly enough, if you issue smbpasswd from a user (other than root), the password is changed in both places (unix & smb). However, if root issues smbpasswd for a user, then only the samba password is changed. Ganesh, in your case, make sure that your smbd daemon is running. Another problem that can cause this error is if you change the password to something shorter than 5 characters (the default). Try a longer password. Aria. On Wed, 11 Aug 2004 16:58:44 -0500 you said: I have this problem too. I found this link by googling but no luck. I get a RAP86 error when I enter smbpasswd. If you do find a solution, please do post it to the list. Thanks Ganesh href="http://freebooks.by.ru/view/SambaIn24h/ch16-02.htm";>http://freebooks.by.r u/view/SambaIn24h/ch16-02.htm --05040201010603080307-- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] unix password sync not working
I have this problem too. I found this link by googling but no luck. I get a RAP86 error when I enter smbpasswd. If you do find a solution, please do post it to the list. Thanks Ganesh http://freebooks.by.ru/view/SambaIn24h/ch16-02.htm Aria Bamdad wrote: Hi, I have a samba server configured with SECURITY=USER and am having trouble getting the UNIX PASSWORD SYNC to work. When I use smbpasswd to change a samba user password, everything goes well and the samba password is changed but the unix password is not changed. Per the manuals, samba trys to change the unix password first and if it fails, it will NOT change the samba password. However, the samba password is changed but not the unix password. It's as if it doesn't try the unix password at all. I have the following parameters: Security=user unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *password* %n\n *password* %n\n *successfully* -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] unix password sync not working
Hi, I have a samba server configured with SECURITY=USER and am having trouble getting the UNIX PASSWORD SYNC to work. When I use smbpasswd to change a samba user password, everything goes well and the samba password is changed but the unix password is not changed. Per the manuals, samba trys to change the unix password first and if it fails, it will NOT change the samba password. However, the samba password is changed but not the unix password. It's as if it doesn't try the unix password at all. I have the following parameters: Security=user unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *password* %n\n *password* %n\n *successfully* -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Unix Password sync
Hello all, I recently installed White Box Linux with Samba as a PDC and am trying to sync Samba passwords with the Linux passwords. I have the smb.conf posted below. My questions are: 1) Do I run a 'smbpasswd' or 'passwd' to change the users password with synchronization? 2) I get an error with smbpasswd: machine 127.0.0.1 rejected the password change: Error was : RAP86: The specified password is invalid. Failed to change password for testuser What am I missing? Could anyone point me in the direction of a URL or a solution that will help me? Thanks in advance Ganesh # Global parameters [global] workgroup = TEST server string = test domain server passwd program = /usr/bin/passwd %u username map = /etc/samba/smbusers unix password sync = Yes log level = 2 log file = /var/log/samba/%m.log max log size = 50 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 printcap name = /etc/printcap domain logons = Yes os level = 255 preferred master = Yes dns proxy = No admin users = @wheel browseable = No [homes] comment = Home Directories path = /home/netlogon read only = No [testuser] comment = testuser Home path = /home/testuser valid users = testuser, root read only = No -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Unix password sync
Quoting "Ben Jensz" > So basically because it won't even work via smbpasswd from the > machine > as the unprivileged user, then changing from Windows won't (and > doesn't) > work either. I'm running SuSE 9.0 samab-2.2.8a, and the default settings for "passwd program" are NOT correct. I had to add "%u" to: passwd program = /usr/bin/passwd %u According to my smb.conf.5.html... "Note that if the unix password sync parameter is set to yes then this program is called AS ROOT before the SMB password in the smbpasswd(5) file is changed. If this UNIX password change fails, then smbd will fail to change the SMB password also (this is by design)." This is the reason you need to add "%u". HTH -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Unix password sync
Nope, but according to the docs anyway, when doing a unix password sync, Samba as root calls the passwd command. So in terms of root operating the passwd command, it won't obey password charateristic restrictions anyway as root changing passwords overrides that anyway (at least on the Linux system I'm using it on). Thanks for the suggestion though :) John Terpstra double checked my configuration off-list and he could also reproduce the problem and suggested I file a bug report (which I've done). Cheers, Ben Jörn Nettingsmeier wrote: a guess: did you configure any password restrictions such as a minimum length? if so, does the password you are trying to set adhere to those restrictions? just a shot in the dark, jörn -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Unix password sync
Greetings Try, as root "smbpasswd -e username" where username is the non-root user having this problem. I was having this problem too. I don't know the details, but try it out and let the list know the results please. References; http://www.linuxquestions.org/questions/archive/14/2003/06/4/62307 http://lists.samba.org/archive/samba/2003-January/059012.html http://www.spinics.net/lists/samba/msg07918.html http://www.google.com/search?hl=en&lr=&ie=UTF-8&oe=UTF-8&c2coff=1&q=RAP86&btnG=Google+Search Ben Jensz wrote: Hi all, Sorry if this has been answered before, but I've searched Google and the archives and it hasn't revealed an answer to my problem. Basically I'm trying to get unix password sync to work so that users can change both their logon and other services (POP3 etc) passwords from within Windows. but the problem is that if I enable unix password sync, it fails with the error of: [EMAIL PROTECTED] user]$ smbpasswd Old SMB password: New SMB password: Retype new SMB password: machine 127.0.0.1 rejected the password change: Error was : RAP86: The specified password is invalid. Failed to change password for user So basically because it won't even work via smbpasswd from the machine as the unprivileged user, then changing from Windows won't (and doesn't) work either. But of course, if I turn off unix password sync, password changes by the users on the command line with smbpasswd work fine and they do from Windows as well. I have tried a variety of versions of Samba from earlier 2.2.x series, to the latest 2.2.8a version and the latest 3.0.x versions as well. So it doesn't appear to be a bug in any specific version of Samba causing the problem. I'm running Samba on a Fedora Core 1 machine, but I've also tested unix password sync on another machine with Red Hat 7.3 on it and it fails on that one also if unix password sync is on. What else needs to be done to get this to work properly? TIA. / Ben -- # Jesse Molina # Mail = [EMAIL PROTECTED] # Page = [EMAIL PROTECTED] # Cell = 1.407.970.0280 # Web = http://www.opendreams.net/jesse/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Unix password sync
Ben, Email me your smb.conf and I'll report back on it . - John T. On Tue, 24 Feb 2004, Ben Jensz wrote: > See below.. > > John H Terpstra wrote: > > > > >What is in your smb.conf file for: > > > > interfaces = > >?? > > > >Do you have: > > > > bind interfaces only = Yes > > > >?? > > > >What entries to you have for: > > > > hosts allow = > > hosts deny = > > > >?? > > > > > > > I haven't configured any of the above, so they are at their defaults. > The machine has one interface (apart from localhost of course). > > >Do you have a firewall on this machine? > > > > > > > Nope, not yet. > > >- John T. > > > > > > -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Unix password sync
See below.. John H Terpstra wrote: What is in your smb.conf file for: interfaces = ?? Do you have: bind interfaces only = Yes ?? What entries to you have for: hosts allow = hosts deny = ?? I haven't configured any of the above, so they are at their defaults. The machine has one interface (apart from localhost of course). Do you have a firewall on this machine? Nope, not yet. - John T. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Unix password sync
On Tue, 24 Feb 2004, Ben Jensz wrote: > Hi all, > > Sorry if this has been answered before, but I've searched Google and the > archives and it hasn't revealed an answer to my problem. > > Basically I'm trying to get unix password sync to work so that users can > change both their logon and other services (POP3 etc) passwords from > within Windows. but the problem is that if I enable unix password sync, > it fails with the error of: > > [EMAIL PROTECTED] user]$ smbpasswd > Old SMB password: > New SMB password: > Retype new SMB password: > machine 127.0.0.1 rejected the password change: Error was : RAP86: The > specified password is invalid. > Failed to change password for user > > So basically because it won't even work via smbpasswd from the machine > as the unprivileged user, then changing from Windows won't (and doesn't) > work either. But of course, if I turn off unix password sync, password > changes by the users on the command line with smbpasswd work fine and > they do from Windows as well. > > I have tried a variety of versions of Samba from earlier 2.2.x series, > to the latest 2.2.8a version and the latest 3.0.x versions as well. So > it doesn't appear to be a bug in any specific version of Samba causing > the problem. I'm running Samba on a Fedora Core 1 machine, but I've > also tested unix password sync on another machine with Red Hat 7.3 on it > and it fails on that one also if unix password sync is on. > > What else needs to be done to get this to work properly? What is in your smb.conf file for: interfaces = ?? Do you have: bind interfaces only = Yes ?? What entries to you have for: hosts allow = hosts deny = ?? Do you have a firewall on this machine? - John T. -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Unix password sync
Hi all, Sorry if this has been answered before, but I've searched Google and the archives and it hasn't revealed an answer to my problem. Basically I'm trying to get unix password sync to work so that users can change both their logon and other services (POP3 etc) passwords from within Windows. but the problem is that if I enable unix password sync, it fails with the error of: [EMAIL PROTECTED] user]$ smbpasswd Old SMB password: New SMB password: Retype new SMB password: machine 127.0.0.1 rejected the password change: Error was : RAP86: The specified password is invalid. Failed to change password for user So basically because it won't even work via smbpasswd from the machine as the unprivileged user, then changing from Windows won't (and doesn't) work either. But of course, if I turn off unix password sync, password changes by the users on the command line with smbpasswd work fine and they do from Windows as well. I have tried a variety of versions of Samba from earlier 2.2.x series, to the latest 2.2.8a version and the latest 3.0.x versions as well. So it doesn't appear to be a bug in any specific version of Samba causing the problem. I'm running Samba on a Fedora Core 1 machine, but I've also tested unix password sync on another machine with Red Hat 7.3 on it and it fails on that one also if unix password sync is on. What else needs to be done to get this to work properly? TIA. / Ben -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Unix Password Sync Question
I have: [global] log level = 3 netbios name = CAIRO workgroup = EGYPT server string = %h server (Samba %v) guest account = nobody invalid users = root log file = /var/log/samba/log.%m max log size = 1000 syslog = 0 passdb backend = tdbsam security = user encrypt passwords = true name resolve order = bcast add user script = /usr/sbin/useradd %u unix password sync = yes passwd program =/usr/bin/passwd %u passwd chat = \ *Enter\snew\sUNIX\spassword:*%n\n*Retype\snew\sUNIX\spassword:* %n\n . passwd chat debug = yes obey pam restrictions = yes ...now for the life of me I can't get smbpasswd to trigger the passwd program. Here's a few things I've tried: * Add a user "lloy0076" - smbpasswd -a lloy0076 * Change said user's password - nothing gets entered in the logs - the Unix password stays the same - the Samba password is changed (verified by using smbclient with new password and it works) I've changed passwd program to: passwd program = touch /tmp/%u ...and nothing is enter in /tmp/%u. I'm not sure what's up. Version of samba is: mordor:~# /usr/sbin/smbd -V Version 3.0.0-Debian ...I can't find any obvious bugs on bugs.debian.org that might cause this. Anyone got any suggestions? DSL -- The Open Source Business Network in SA ...will be open soon! Watch this space. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] unix password sync trouble
Hi, I'm having some trouble with my password databases. I'm using my self-made Linux installation (LFS, http://www.linuxfromscratch.com) and I'm trying to make it a Samba PDC. I'd like to keep both UNIX and SMB passwords synchronized. I managed to make passwd adapt both passwords (using some PAM-configuration). However, if I want to change my password using smbpasswd I get the following error logged: smbd/chgpasswd.c:findpty(73) findpty: Unable to create master/slave pty pair I don't really know what it means, bu I suppose a 'pty' is the communication channel between the SMB daemon and the passwd program. Does anyone know what is wrong on my system? Thanks, Niels -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] unix password sync = yes problems
Hey all, I'd like to be able to sync up the smbpasswd file with the unix passwd file. I've read that I can do this with the option unix password sync set to yes. Here is the part of my relevant smb.conf: encrypt passwords = Yes passwd program = /usr/bin/passwd %u passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n unix password sync = Yes What else am I missing? With the above configuration I should be able to change a user's password with smbpasswd and have that same command change the /etc/passwd file at the same time, right? What am I missing? I've tried that, and it doesn't work. Any advice would be greatly appreciated. Bob -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] unix password sync = yes problems
Hey all, I'd like to be able to sync up the smbpasswd file with the unix passwd file. I've read that I can do this with the option unix password sync set to yes. Here is the part of my relevant smb.conf: encrypt passwords = Yes passwd program = /usr/bin/passwd %u passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n unix password sync = Yes What else am I missing? With the above configuration I should be able to change a user's password with smbpasswd and have that same command change the /etc/passwd file at the same time, right? What am I missing? I've tried that, and it doesn't work. Any advice would be greatly appreciated. Bob -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] RE: [Samba] "unix password sync" doesn´t work !
I would check out the following: passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* type passwd as if you were to change your unix password manually, now make sure the above text matches up. You might find that the "ReType*new..." should be "Retype*new...". If they don't match up exactly, it won't work. I know that mine has to be a lowercase 't' in "Retype". I'm not sure what the error is, but perhaps that will help. --Kaleb -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Patrick RobertoSent: Friday, June 14, 2002 12:03 PMTo: SambaSubject: [Samba] "unix password sync" doesn´t work ! Hello ... This is my first message to the list (sorry my bad english :-D) I have a recent instalation of RedHat 7.2 in my computer, whithout Samba i installed version 2.2.4 now, but i have a BIG problem ... take a look: - When the option "unix password sync" is set to "No", the users change their passwords with smbpasswd command ... but : - When the option "unix password sync" is set to "Yes", i try to change password with smbpasswd command and have a error: [test2@server test2]$ smbpasswd Old SMB password: New SMB password: Retype new SMB password: machine 127.0.0.1 rejected the password change: Error was: RAP86: The specified password is invalid Failed to change password for test2 look my smb.conf: [global] workgroup = MYGROUP netbios name = SERVER security = USER encrypt passwords = Yes update encrypted = Yes smb passwd file = /etc/samba/smbpasswd unix password sync = Yespasswd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* passwd chat debug = Yes passwd program = /usr/bin/passwd %u I try changing the "passwd chat" option , adding: *Old Pasword* %o\n .. not sucess ! Any idea ??? Thanks Patrick
[Samba] "unix password sync" doesn´t work !
Hello ... This is my first message to the list (sorry my bad english :-D) I have a recent instalation of RedHat 7.2 in my computer, whithout Samba i installed version 2.2.4 now, but i have a BIG problem ... take a look: - When the option "unix password sync" is set to "No", the users change their passwords with smbpasswd command ... but : - When the option "unix password sync" is set to "Yes", i try to change password with smbpasswd command and have a error: [test2@server test2]$ smbpasswd Old SMB password: New SMB password: Retype new SMB password: machine 127.0.0.1 rejected the password change: Error was: RAP86: The specified password is invalid Failed to change password for test2 look my smb.conf: [global] workgroup = MYGROUP netbios name = SERVER security = USER encrypt passwords = Yes update encrypted = Yes smb passwd file = /etc/samba/smbpasswd unix password sync = Yespasswd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* passwd chat debug = Yes passwd program = /usr/bin/passwd %u I try changing the "passwd chat" option , adding: *Old Pasword* %o\n .. not sucess ! Any idea ??? Thanks Patrick
[Samba] "unix password sync" doesn´t work !
Hello ... This is my first message to the list (sorry my bad english :-D) I have a recent instalation of RedHat 7.2 in my computer, whithout Samba i installed version 2.2.4 now, but i have a BIG problem ... take a look: - When the option "unix password sync" is set to "No", the users change their passwords with smbpasswd command ... but : - When the option "unix password sync" is set to "Yes", i try to change password with smbpasswd command and have a error: [test2@server test2]$ smbpasswd Old SMB password: New SMB password: Retype new SMB password: machine 127.0.0.1 rejected the password change: Error was: RAP86: The specified password is invalid Failed to change password for test2 look my smb.conf: [global] workgroup = MYGROUP netbios name = SERVER security = USER encrypt passwords = Yes update encrypted = Yes smb passwd file = /etc/samba/smbpasswd unix password sync = Yespasswd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* passwd chat debug = Yes passwd program = /usr/bin/passwd %u I try changing the "passwd chat" option , adding: *Old Pasword* %o\n .. not sucess ! Any idea ??? Thanks Patrick
