I removed version 3.0.22 and installed 3.0.24 (I removed samba files from /etc/samba, /var/lib/samba, /var/cache/samba), but afraid I still experiencing the same problem when I run
pdbedit -y -i tdbsam -e ldapsam Found pdb backend guest pdb backend guest has a valid init called with username="(null)" tdb(unnamed): tdb_open_ex: could not open file /etc/samba/passdb.tdb: No such file or directory Unable to open/create TDB passwd Can't sampwent! I manually updated the password policy settings in sambaDomain=BLAHDEV,dc=example,dc=org ldapmodify -x -D "..." -W dn: sambaDomainName=BLAHDEV,dc=roke,dc=co,dc=uk changeType: modify sambaMinPwdAge: 0 sambaMaxPwdAge: 2592000 sambaPwdHistoryLength: 5 sambaLockoutThreshold: 3 sambaMinPwdLength: 8 sambaLockoutDuration: -1 Samba doesn't appear to recognise these changes. How can I get samba to just look in the ldapsam and not worry about what's in other backends. Any ideas on how to diagnose this problem would also be helpful [global] workgroup = BLAHDEV netbios name = BLAHDEV-PDC security = user server string = Samba Server log level = 2 syslog = 0 log file = /var/log/samba/%m.log max log size = 100000 time server = Yes logon home = "" logon path = "" domain logons = Yes domain master = Yes os level = 65 preferred master = Yes wins support = yes encrypt passwords = Yes # unix password sync = Yes passwd program = /usr/sbin/ldap_userPassword_change %u passwd chat = *New*password* %n\n *Re-enter*new*password* %n\n *Result**Success**** # Crackcheck settings to allow NT style password complexity checks check password script = /sbin/crackcheck -c -d /usr/lib/cracklib_dict passdb backend = ldapsam:"ldap://ldap-1"; ldap admin dn = cn=Manager,dc=example,dc=org ldap suffix = dc=example,dc=org ldap group suffix = ou=Groups ldap user suffix = ou=Users ldap machine suffix = ou=Computers ldap idmap suffix = ou=Idmap # idmap backend = ldap:"ldap://ldap-1 ldap://ldap-2"; idmap backend = ldap:"ldap://ldap-1"; add user script = /opt/IDEALX/sbin/smbldap-useradd -m "%u" delete user script = /opt/IDEALX/sbin/smbldap-userdel "%u" add machine script = /opt/IDEALX/sbin/smbldap-useradd -t 1 -w "%u" add group script = /opt/IDEALX/sbin/smbldap-groupadd -p "%g" add user to group script = /opt/IDEALX/sbin/smbldap-groupmod -m "%u" "%g" delete user from group script = /opt/IDEALX/sbin/smbldap-groupmod -x "%u" "%g" set primary group script = /opt/IDEALX/sbin/smbldap-usermod -g '%g' '%u' idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 template shell = /bin/false winbind use default domain = no I'm running on centos 4.3. Is there a Linux file or PAM setting or something that I need to change to make this work? -- View this message in context: http://www.nabble.com/pdbedit-password-policy---not-updating-ldapsam-tf3239423.html#a9043068 Sent from the Samba - General mailing list archive at Nabble.com. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
