Hi everybody! I am having an issue regarding my samba/pam configuration. I am trying to sync my unix/samba passwords, but everything i found online doesn't help.
My System runs Gentoo/Samba 3.5.8 as PDC(roaming profiles host and so on) , and WinXP Clients. Domainjoin and Login work fine. But I want to change the Passwords from the Windows interface. When I try to change the password using the Windows "change password" dialog. I get an error saying that i don't have permissions to do so. It works fine from the Unixshell. Samba log looks like: [2011/03/23 12:06:05.149471, 2] auth/auth.c:304(check_ntlm_password) check_ntlm_password: authentication for user [xx] -> [xx] -> [xx] succeeded [2011/03/23 12:06:05.152839, 0] auth/pampass.c:699(smb_pam_chauthtok) PAM: User not known to PAM [2011/03/23 12:06:05.152863, 2] auth/pampass.c:77(smb_pam_error_handler) smb_pam_error_handler: PAM: Password Change Failed : User not known to the underlying authentication module [2011/03/23 12:06:05.152873, 0] auth/pampass.c:861(smb_pam_passchange) smb_pam_passchange: PAM: Password Change Failed for user xx! [2011/03/23 12:06:05.156622, 0] auth/pampass.c:699(smb_pam_chauthtok) PAM: User not known to PAM [2011/03/23 12:06:05.156637, 2] auth/pampass.c:77(smb_pam_error_handler) smb_pam_error_handler: PAM: Password Change Failed : User not known to the underlying authentication module [2011/03/23 12:06:05.156650, 0] auth/pampass.c:861(smb_pam_passchange) smb_pam_passchange: PAM: Password Change Failed for user xx! [2011/03/23 12:06:05.162118, 0] auth/pampass.c:699(smb_pam_chauthtok) PAM: User not known to PAM [2011/03/23 12:06:05.162133, 2] auth/pampass.c:77(smb_pam_error_handler) smb_pam_error_handler: PAM: Password Change Failed : User not known to the underlying authentication module [2011/03/23 12:06:05.162143, 0] auth/pampass.c:861(smb_pam_passchange) smb_pam_passchange: PAM: Password Change Failed for xx! [2011/03/23 12:06:05.165908, 0] auth/pampass.c:699(smb_pam_chauthtok) PAM: User not known to PAM [2011/03/23 12:06:05.165923, 2] auth/pampass.c:77(smb_pam_error_handler) smb_pam_error_handler: PAM: Password Change Failed : User not known to the underlying authentication module [2011/03/23 12:06:05.165932, 0] auth/pampass.c:861(smb_pam_passchange) smb_pam_passchange: PAM: Password Change Failed for user xx! my smb.conf looks like: unix password sync = yes pam password change = yes passwd program = /usr/bin/passwd %u passwd chat = *New*password* %n\n *Re*ype*new*password* %n\n \ *passwd:*all*authentication*tokens*updated*successfully* my pam-files look like: samba: @include system-auth @include system-password auth required pam_smbpass.so nodelay account include system-auth session include system-auth password required pam_smbpass.so nodelay smbconf=/etc/samba/smb.conf system-auth auth required pam_env.so auth required pam_unix.so try_first_pass likeauth nullok auth optional pam_permit.so auth optional pam_smbpass.so migrate account required pam_unix.so account optional pam_permit.so password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3 password required pam_unix.so try_first_pass use_authtok nullok sha512 shadow password optional pam_permit.so password required pam_smbpass.so nullok use_authok try_first_pass session required pam_limits.so session required pam_env.so session required pam_unix.so session optional pam_permit.so system-password: password requisite pam_unix.so nullok obscure min=4 max=8 md5 password required pam_smbpass.so nullok try_first_pass Thanks kindly! Best regards, -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba