Hi all! I had some problem with LDAP, so I setup a Samba PDC without LDAP and then I migrate it to LDAP. Before that, all worked fine, changing password from Windows too. But now, a popup in windows says "username or old password incorrect. Password is case sensitive" (it's not the exact sentence for you since I translated it from my language) and I got this error in log: sambaPwdCanChange: value #0 already exists But the password is REALLY changed and the sync is OK! --> I got an error message but the command succeeded...
When I did it in a shell, I got no error... Here is smb.conf: --- BEGIN SMB.CONF --- [global] netbios name = PDCLINUX workgroup = TESTDOMAIN server string = TestCenter comment = Controleur de Domaine time server = yes passdb backend = ldapsam:ldap://ldap.mydomain.com encrypt passwords = yes security = user preferred master = yes domain master = yes local master = yes domain logons = yes wins support = yes os level = 80 hosts allow = 192.168.0. 127. # LDAP ldap admin dn = "cn=Manager,dc=mydomain,dc=com" ldap ssl = off ldap delete dn = no ldap user suffix = ou=People ldap group suffix = ou=Groups ldap machine suffix = ou=Computers ldap suffix = dc=mydomain,dc=com ldap passwd sync = yes unix password sync = yes log level = 256 log file = /var/samba/log/%U.log passwd chat debug = yes passwd program = /usr/local/samba/bin/smbpasswd %u passwd chat = *ew*password* %n\n *ew*password* %n\n socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 logon path = \\pdc.mydomain.com\profiles\%U logon drive = H: logon home = \\pdc.mydomain.com\%U logon script = %U.bat add machine script = /usr/sbin/useradd -d /dev/null -g machines - s /bin/false -c %U%I %U [homes] comment = Home Directory guest ok = no read only = no create mask = 0664 directory mask = 0775 [netlogon] comment = Network Logon Service path = /var/samba/netlogon read only = yes guest ok = yes share modes = no root preexec = /var/samba/netlogon/login.pl %U %G %L browseable = no --- END SMB.CONF --- And here the log: --- BEGIN LOG --- [2003/12/30 15:43:49, 10] smbd/chgpasswd.c:dochild(217) Invoking '/usr/local/samba/bin/smbpasswd testuser' as password change program. [2003/12/30 15:43:49, 10] lib/util_sock.c:read_socket_with_timeout(263) read_socket_with_timeout: timeout read. select timed out. [2003/12/30 15:43:49, 100] smbd/chgpasswd.c:expect(274) expect: expected [*ew*password*] received [New SMB password:] match yes [2003/12/30 15:43:49, 10] smbd/chgpasswd.c:expect(285) expect: returning True [2003/12/30 15:43:49, 100] smbd/chgpasswd.c:expect(237) expect: sending [testuser ] [2003/12/30 15:43:49, 10] lib/util_sock.c:read_socket_with_timeout(263) read_socket_with_timeout: timeout read. select timed out. [2003/12/30 15:43:49, 100] smbd/chgpasswd.c:expect(274) expect: expected [*ew*password*] received [ Retype new SMB password:] match yes [2003/12/30 15:43:49, 10] smbd/chgpasswd.c:expect(285) expect: returning True [2003/12/30 15:43:49, 100] smbd/chgpasswd.c:expect(237) expect: sending [testuser ] [2003/12/30 15:43:49, 3] smbd/chgpasswd.c:chat_with_program(438) Password change successful for user testuser [2003/12/30 15:43:49, 11] passdb/pdb_get_set.c:pdb_set_init_flags(482) element 32 -> now CHANGED [2003/12/30 15:43:49, 11] passdb/pdb_get_set.c:pdb_set_init_flags(482) element 31 -> now CHANGED [2003/12/30 15:43:49, 11] passdb/pdb_get_set.c:pdb_set_init_flags(482) element 10 -> now CHANGED [2003/12/30 15:43:49, 11] passdb/pdb_get_set.c:pdb_set_init_flags(482) element 20 -> now CHANGED [2003/12/30 15:43:49, 10] lib/account_pol.c:account_policy_get(134) account_policy_get: maximum password age:-1 [2003/12/30 15:43:49, 11] passdb/pdb_get_set.c:pdb_set_init_flags(482) element 9 -> now CHANGED [2003/12/30 15:43:49, 10] lib/account_pol.c:account_policy_get(134) account_policy_get: minimum password age:0 [2003/12/30 15:43:49, 11] passdb/pdb_get_set.c:pdb_set_init_flags(482) element 8 -> now CHANGED [2003/12/30 15:43:49, 4] passdb/pdb_ldap.c:ldapsam_update_sam_account(1370) ldapsam_update_sam_account: user testuser to be modified has dn: uid=testuser, ou=People,dc=phonambule-tv,dc=com [2003/12/30 15:43:49, 11] passdb/pdb_get_set.c:pdb_get_init_flags(189) element 11: SET [2003/12/30 15:43:49, 2] passdb/pdb_ldap.c:init_ldap_from_sam(769) init_ldap_from_sam: Setting entry for user: testuser [2003/12/30 15:43:49, 11] passdb/pdb_get_set.c:pdb_get_init_flags(189) element 17: SET [2003/12/30 15:43:49, 11] passdb/pdb_get_set.c:pdb_get_init_flags(189) element 18: SET [2003/12/30 15:43:49, 11] passdb/pdb_get_set.c:pdb_get_init_flags(189) element 12: SET [2003/12/30 15:43:49, 11] passdb/pdb_get_set.c:pdb_get_init_flags(199) element 22: DEFAULT [2003/12/30 15:43:49, 11] passdb/pdb_get_set.c:pdb_get_init_flags(199) element 23: DEFAULT [2003/12/30 15:43:49, 11] passdb/pdb_get_set.c:pdb_get_init_flags(199) element 25: DEFAULT [2003/12/30 15:43:49, 11] passdb/pdb_get_set.c:pdb_get_init_flags(199) element 1: DEFAULT [2003/12/30 15:43:49, 11] passdb/pdb_get_set.c:pdb_get_init_flags(199) element 3: DEFAULT [2003/12/30 15:43:49, 11] passdb/pdb_get_set.c:pdb_get_init_flags(199) element 4: DEFAULT [2003/12/30 15:43:49, 11] passdb/pdb_get_set.c:pdb_get_init_flags(199) element 2: DEFAULT [2003/12/30 15:43:49, 11] passdb/pdb_get_set.c:pdb_get_init_flags(199) element 5: DEFAULT [2003/12/30 15:43:49, 11] passdb/pdb_get_set.c:pdb_get_init_flags(199) element 6: DEFAULT [2003/12/30 15:43:49, 11] passdb/pdb_get_set.c:pdb_get_init_flags(199) element 7: DEFAULT [2003/12/30 15:43:49, 11] passdb/pdb_get_set.c:pdb_get_init_flags(189) element 8: SET [2003/12/30 15:43:49, 11] passdb/pdb_get_set.c:pdb_get_init_flags(194) element 8: CHANGED [2003/12/30 15:43:49, 11] passdb/pdb_get_set.c:pdb_get_init_flags(189) element 9: SET [2003/12/30 15:43:49, 11] passdb/pdb_get_set.c:pdb_get_init_flags(194) element 9: CHANGED [2003/12/30 15:43:49, 11] passdb/pdb_get_set.c:pdb_get_init_flags(189) element 31: SET [2003/12/30 15:43:49, 11] passdb/pdb_get_set.c:pdb_get_init_flags(194) element 31: CHANGED [2003/12/30 15:43:49, 11] passdb/pdb_get_set.c:pdb_get_init_flags(189) element 32: SET [2003/12/30 15:43:49, 11] passdb/pdb_get_set.c:pdb_get_init_flags(194) element 32: CHANGED [2003/12/30 15:43:49, 11] passdb/pdb_get_set.c:pdb_get_init_flags(189) element 20: SET [2003/12/30 15:43:49, 11] passdb/pdb_get_set.c:pdb_get_init_flags(194) element 20: CHANGED [2003/12/30 15:43:49, 11] passdb/pdb_get_set.c:pdb_get_init_flags(189) element 19: SET [2003/12/30 15:43:49, 11] lib/smbldap.c:smbldap_open(822) smbldap_open: already connected to the LDAP server [2003/12/30 15:43:49, 1] passdb/pdb_ldap.c:ldapsam_modify_entry(1203) ldapsam_modify_entry: Failed to modify user dn= uid=testuser,ou=People,dc=phon ambule-tv,dc=com with: Type or value exists modify/add: sambaPwdCanChange: value #0 already exists [2003/12/30 15:43:49, 0] passdb/pdb_ldap.c:ldapsam_update_sam_account(1397) ldapsam_update_sam_account: failed to modify user with uid = testuser, error: modify/add: sambaPwdCanChange: value #0 already exists (Success) [2003/12/30 15:43:49, 3] smbd/sec_ctx.c:pop_sec_ctx(386) pop_sec_ctx (1001, 547) - sec_ctx_stack_ndx = 1 [2003/12/30 15:43:49, 5] rpc_parse/parse_samr.c:init_samr_r_chgpasswd_user(7120) init_r_chgpasswd_user [2003/12/30 15:43:49, 5] rpc_server/srv_samr_nt.c:_samr_chgpasswd_user(1469) _samr_chgpasswd_user: 1469 [2003/12/30 15:43:49, 5] rpc_parse/parse_prs.c:prs_debug(82) 000000 samr_io_r_chgpasswd_user [2003/12/30 15:43:49, 5] rpc_parse/parse_prs.c:prs_ntstatus(665) 0000 status: NT_STATUS_ACCESS_DENIED --- END LOG --- Can someone explain me why I got an error with the field sambaPwdCanChange in LDAP, when I look it after the command, this field is changed... Thanks alot! S�bastien. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
