Have you installed 'libpam-smbpass" ? Here is the link for your reference https://help.ubuntu.com/10.04/serverguide/C/samba-fileprint-security.html
Thanks, Amit More On Thu, 2011-03-24 at 03:36 +0900, TAKAHASHI Motonobu wrote: > Your error is probably caused by the PAM setting. Set "debug" > option to PAM modules and look at syslog files. > > Anyway, if you enable "pam password change = yes", both "passwd > program" and "passwd chat" parameters will be ignored. > > --- > TAKAHASHI Motonobu <mo...@samba.gr.jp> > > From: Markus Scharitzer <markus.scharit...@gmail.com> > Date: Wed, 23 Mar 2011 13:53:16 +0100 > > Hi everybody! > > I am having an issue regarding my samba/pam configuration. I am trying to > sync my unix/samba passwords, but everything i found online doesn't help. > > My System runs Gentoo/Samba 3.5.8 as PDC(roaming profiles host and so on) , > and WinXP Clients. Domainjoin and Login work fine. But I want to change the > Passwords from the Windows interface. When I try to change the password > using the Windows "change password" dialog. I get an error saying that i > don't have permissions to do so. It works fine from the Unixshell. > > Samba log looks like: > > [2011/03/23 12:06:05.149471, 2] auth/auth.c:304(check_ntlm_password) > check_ntlm_password: authentication for user [xx] -> [xx] -> [xx] succeeded > [2011/03/23 12:06:05.152839, 0] auth/pampass.c:699(smb_pam_chauthtok) > PAM: User not known to PAM > [2011/03/23 12:06:05.152863, 2] auth/pampass.c:77(smb_pam_error_handler) > smb_pam_error_handler: PAM: Password Change Failed : User not known to the > underlying authentication module > [2011/03/23 12:06:05.152873, 0] auth/pampass.c:861(smb_pam_passchange) > smb_pam_passchange: PAM: Password Change Failed for user xx! > [2011/03/23 12:06:05.156622, 0] auth/pampass.c:699(smb_pam_chauthtok) > PAM: User not known to PAM > [2011/03/23 12:06:05.156637, 2] auth/pampass.c:77(smb_pam_error_handler) > smb_pam_error_handler: PAM: Password Change Failed : User not known to the > underlying authentication module > [2011/03/23 12:06:05.156650, 0] auth/pampass.c:861(smb_pam_passchange) > smb_pam_passchange: PAM: Password Change Failed for user xx! > [2011/03/23 12:06:05.162118, 0] auth/pampass.c:699(smb_pam_chauthtok) > PAM: User not known to PAM > [2011/03/23 12:06:05.162133, 2] auth/pampass.c:77(smb_pam_error_handler) > smb_pam_error_handler: PAM: Password Change Failed : User not known to the > underlying authentication module > [2011/03/23 12:06:05.162143, 0] auth/pampass.c:861(smb_pam_passchange) > smb_pam_passchange: PAM: Password Change Failed for xx! > [2011/03/23 12:06:05.165908, 0] auth/pampass.c:699(smb_pam_chauthtok) > PAM: User not known to PAM > [2011/03/23 12:06:05.165923, 2] auth/pampass.c:77(smb_pam_error_handler) > smb_pam_error_handler: PAM: Password Change Failed : User not known to the > underlying authentication module > [2011/03/23 12:06:05.165932, 0] auth/pampass.c:861(smb_pam_passchange) > smb_pam_passchange: PAM: Password Change Failed for user xx! > > my smb.conf looks like: > > unix password sync = yes > pam password change = yes > passwd program = /usr/bin/passwd %u > passwd chat = *New*password* %n\n *Re*ype*new*password* %n\n \ > *passwd:*all*authentication*tokens*updated*successfully* > > my pam-files look like: > > samba: > > @include system-auth > @include system-password > > auth required pam_smbpass.so nodelay > account include system-auth > session include system-auth > password required pam_smbpass.so nodelay smbconf=/etc/samba/smb.conf > > system-auth > > > auth required pam_env.so > auth required pam_unix.so try_first_pass likeauth nullok > auth optional pam_permit.so > auth optional pam_smbpass.so migrate > > account required pam_unix.so > account optional pam_permit.so > > password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 > retry=3 > password required pam_unix.so try_first_pass use_authtok nullok sha512 > shadow > password optional pam_permit.so > password required pam_smbpass.so nullok use_authok try_first_pass > > session required pam_limits.so > session required pam_env.so > session required pam_unix.so > session optional pam_permit.so > > system-password: > > password requisite pam_unix.so nullok obscure min=4 max=8 md5 > password required pam_smbpass.so nullok try_first_pass > > Thanks kindly! > > Best regards, -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba