Thanks you very much. That has fixed it. Brilliant. Dp.
On 16 August 2011 12:40, L.P.H. van Belle <[email protected]> wrote: > Hai, > > on your master, in smb.conf > > change these settings. ( im also running debian with pdc/bdc ldap master and > multiple slaves through syncrepl ) > > passwd program = /usr/sbin/smbldap-passwd "%u" > passwd chat = *New*password* %n\n *Retype*new*password* %n\n > *all*authentication*tokens*updated* > remove : unix password sync = Yes > > and try again. > > Louis > >>-----Oorspronkelijk bericht----- >>Van: [email protected] >>[mailto:[email protected]] Namens Dermot >>Verzonden: 2011-08-16 12:48 >>Aan: [email protected] >>Onderwerp: [Samba] window, samba and ldap passwords >> >>Hi, >> >>I recently migrated to a Samba3x domain. One issue that has been >>reported to me is that XP users cannot change their password from >>their PC. I have done some searching and I haven't seen a straight >>forward answer to this. >> >>My config is >> >>ldap primary + Samba PDC on host A >>ldap slave + samba BDC on host B >> >>I see this error in the machine log when someone attempts to change >>their password: >> >>2011/08/16 10:04:11.137313, 0] auth/pampass.c:861(smb_pam_passchange) >> smb_pam_passchange: PAM: Password Change Failed for user kreuze! >>[2011/08/16 10:04:11.200891, 0] auth/pampass.c:705(smb_pam_chauthtok) >> PAM: UNKNOWN PAM ERROR (8) for User: kreuze >>[2011/08/16 10:04:11.201002, 0] auth/pampass.c:861(smb_pam_passchange) >> smb_pam_passchange: PAM: Password Change Failed for user kreuze! >>[2011/08/16 10:04:11.215657, 0] auth/pampass.c:705(smb_pam_chauthtok) >> PAM: UNKNOWN PAM ERROR (8) for User: kreuze >>[2011/08/16 10:04:11.215741, 0] auth/pampass.c:861(smb_pam_passchange) >> smb_pam_passchange: PAM: Password Change Failed for user kreuze! >> >> >>I have seen this article: >>http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/pam. >>html#id2667199 >>but I am not sure if it's appropriate for my environment. I suspect >>the answer to this may very dependent on my config. >>Can anyone offer any advice? >>Thanks in advance. >>Dermot. >> >> >>=========== smb.conf on PDC =========== >> >> dos charset = UTF-8 >> display charset = UTF-8 >> workgroup = FOO >> server string = %h server >> map to guest = Bad User >> passdb backend = ldapsam:ldap://127.0.0.1/ >> pam password change = Yes >> passwd program = /usr/sbin/smbldap-passwd -u %u >> passwd chat = *New*password* %n\n *Retype*new*password* %n\n >>*all*authentication*tokens*updated* >> unix password sync = Yes >> log level = 1 >> syslog = 0 >> log file = /var/log/samba/log.%m >> max log size = 1000 >> smb ports = 139 445 >> name resolve order = wins hosts bcast >> time server = Yes >> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 >> load printers = No >> add user script = /usr/sbin/smbldap-useradd -m %u >> delete user script = /usr/sbin/smbldap-userdel '%u' >> delete group script = /usr/sbin/smbldap-groupdel %g >> add user to group script = /usr/sbin/smbldap-groupmod -m %u %g >> delete user from group script = >>/usr/sbin/smbldap-groupmod -x %u %g >> set primary group script = /usr/sbin/smbldap-usermod -g %g %u >> add machine script = /usr/sbin/smbldap-useradd -w %u >> logon script = logon.bat >> logon path = >> logon drive = U: >> logon home = >> domain logons = Yes >> os level = 65 >> preferred master = Auto >> domain master = Yes >> dns proxy = No >> ldap admin dn = cn=admin,dc=mydomin,dc=co,dc=uk >> ldap delete dn = Yes >> ldap group suffix = ou=Groups >> ldap idmap suffix = ou=idmap >> ldap machine suffix = ou=Computers, ou=Users >> ldap passwd sync = yes >> ldap suffix = dc=mydomain,dc=co,dc=uk >> ldap ssl = no >> ldap timeout = 20 >> ldap user suffix = ou=Users >> panic action = /usr/share/samba/panic-action %d >> idmap backend = ldap:"ldap://127.0.0.1/"; >> idmap uid = 15000-20000 >> idmap gid = 15000-20000 >> map acl inherit = Yes >> case sensitive = No >> hide unreadable = Yes >>-- >>To unsubscribe from this list go to the following URL and read the >>instructions: https://lists.samba.org/mailman/options/samba >> >> > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
