Any reply to this mail?
On 18 June 2010 14:19, Rajesh Ghanekar <[email protected]> wrote: > Hi, > I see my machine password change in secrets.tdb. I am not sure who > initiated it. > But can this happen automatically after "7 days" as mentioned in following > link > initiated by someone else (PDC), other than smbd/winbindd? > > http://www.windowsnetworking.com/nt/registry/rtips295.shtml > > I am confused who changed it, but it got changed after 7 days. Can PDC > ask smbd/winbindd to change this? Or it is initiated by smbd/winbindd? > But I see logs from winbindd that initiated the change after 7 days, but > got > permission denied. Will the "denied message" cause the change to be > persistent > in secrets.tdb? I am unsure of this, too: > > 2010 Jun 14 18:34:00 xyz winbindd[31473]: [2010/06/14 18:34:00.040611, 0] > rpc_client/cli_netlogon.c:563(rpccli_netlogon_set_trust_password) > 2010 Jun 14 18:34:00 xyz winbindd[31473]: rpccli_netr_ServerPasswordSet2 > failed: NT_STATUS_ACCESS_DENIED > > > Here is krb5.conf: > > # cat /etc/krb5.conf > [libdefaults] > default_realm = XYZ.COM > > [realms] > XYZ.COM = { > kdc = xyz_ad > admin_server = xyz_ad > kpasswd_server = xyz_ad > default_domain = XYZ.COM > } > > [domain_realm] > .kerberos.server = XYZ.COM > > [logging] > default = SYSLOG:NOTICE:DAEMON > kdc = FILE:/var/log/kdc.log > kadmind = FILE:/var/log/kadmind.log > > [appdefaults] > pam = { > ticket_lifetime = 3d > renew_lifetime = 7d > forwardable = true > proxiable = false > retain_after_close = false > minimum_uid = 0 > debug = false > } > > Thanks, > Rajesh > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
