No one has anything to say about this? Did I not give enough info? Has anyone gotten Ctrl-Alt-Del password change working with LDAP? If so can I please see your smb.conf and pam.d files? Thanks so much for any help. We've been running samba here for a few years and love it, just in case it makes a difference.
Ross Patterson Programmer/Analyst 831-459-2792 [EMAIL PROTECTED] 1156 High St, Barn G, PP&C Santa Cruz, CA 95064 On Tue, 4 Mar 2003, [EMAIL PROTECTED] wrote: > One fixed problem, one new problem. > > Okay, I fixed the pam_smbpass problem by upgrading to 2.2.7a. So for > anyone out there, pam_smbpass won't work with ldap (./configure > --with-ldapsam) on 2.2.3a and will work with 2.2.7a. > > Now, onto the next problem, changing passwords by Ctrl-Alt-Del from a > Windows XP Pro machine. > > Logging onto the samba server from a WinXP machine works just fine. > > If I try to Ctrl-Alt-Del Change Password... from a WinXP machine where > the username or password of the currently logged in (WinXP) user is > different from the username or password being used on the samba > server, then the password change fails with "1727: the remote > procedure call failed and did not execute". > > If I try it when the username and password of the currently logged in > user is the same as the current username and password being used on > the samba server, then the password change succeeds. > > From an strace, I verififed what I suspected which is that its only > when samba falls back on the lanman password that authentication > succeeds and the password change can go forward, which, of course, > explains this behavior. > > I suppose it could be that pam is misconfigured on some auth component > somewhere. But the odd thing is that an strace of the samba daemons > while simply connecting to a share shows pam.d files being consulted, > while an strace of the daemons during a failed Ctrl-Alt-Del Change > Password... session shows no pam.d files consulted. > > Can anyone help here? Can anyone at least verify that they were able > to do Ctrl-Alt-Del Change Password... against a samba/LDAP server? > > Thanks. > > Ross Patterson > Programmer/Analyst > 831-459-2792 > [EMAIL PROTECTED] > 1156 High St, Barn G, PP&C > Santa Cruz, CA 95064 > > On Wed, 19 Feb 2003, [EMAIL PROTECTED] wrote: > > > On a Debian 3.0 system with user accounts stored in openldap, I have > > unix and windows auth working just fine through ldap. smbpasswd can > > change the samba passwd attributes, and passwd can change the unix > > password attributes. > > > > I'm trying to get pam_smbpass to work to keep everything in sync, but > > it only says "Failed to find entry for user test0." which indicates to > > me that its looking in the smbpasswd file which has, of course, > > nothing. "ldd /lib/security/pam_smbpass.so" gives libpam and libldap > > among other things. > > > > Can someone tell me if pam_smbpass is using the SAM DB API? If > > pam_smbpass is hardwired for the smbpasswd file, that would explain my > > troubles. > > > > If it is using the SAM DB API, can anyone give me any direction? > > > > Ross Patterson > > Programmer/Analyst > > 831-459-2792 > > [EMAIL PROTECTED] > > 1156 High St, Barn G, PP&C > > Santa Cruz, CA 95064 > > > > > > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
