[Bug 235988] Re: smbldap-passwd failed to modify unix password: shadowMax
Launchpad has imported 9 comments from the remote bug at
https://bugzilla.redhat.com/show_bug.cgi?id=430105.
If you reply to an imported comment from within Launchpad, your comment
will be sent to the remote bug automatically. Read more about
Launchpad's inter-bugtracker facilities at
https://help.launchpad.net/InterBugTracking.
On 2008-01-24T15:28:44+00:00 John wrote:
Upon upgrading from smbldap-tools-0.9.2-3.fc5 to smbldap-tools-0.9.4-1.fc8, I
noticed I could no longer change user passwords. smbldap-passwd would fail with
this error:
[root@myserver ~]# smbldap-passwd jdoe
Changing UNIX and samba passwords for jdoe
New password:
Retype new password:
Use of uninitialized value in string at /usr/sbin/smbldap-passwd line 277,
line 2.
Failed to modify UNIX password: shadowMax: value #0 invalid per syntax at
/usr/sbin/smbldap-passwd line 285, line 2.
[root@myserver ~]#
The problem seems to stem from 2 things:
1) I have no defaultMaxPasswordAge set in smbldap.conf. However, this has never
been a problem in the past, and isn't stated as being a required setting. If
possible, I'd like to keep maximum password ages diabled.
2) smbldap-passwd is trying to change attributes to the users account which
don't exist. If I'm reading the code correctly, it's attempting to set 3
attributes which don't apply to the samba schema: userPassword,
shadowLastChange, and shadowMax. They only apply to the nis schema, which we do
not use.
I apologize if I'm misconfiguring something, however as I stated, this worked
fine in 0.9.2.
Reply at: https://bugs.launchpad.net/ubuntu/+source/smbldap-
tools/+bug/235988/comments/0
On 2008-01-24T18:57:25+00:00 John wrote:
Correction: userPassword is in the samba schema, however shadowLastChange and
shadowMax are not.
Additionally, here is the LDIF export of the applicable jdoe user account that
was created using: smbldap-useradd -a -m -c "John Doe" -P jdoe
dn: uid=jdoe,ou=People,dc=mydomain,dc=com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
objectClass: sambaSamAccount
cn: jdoe
sn: jdoe
givenName: jdoe
uid: jdoe
uidNumber: 8199
gidNumber: 513
homeDirectory: /var/resource/users/jdoe
loginShell: /bin/bash
gecos: John Doe
userPassword: {crypt}x
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaKickoffTime: 2147483647
sambaPwdCanChange: 0
displayName: jdoe
sambaSID: S-1-5-21-2828578859-3132521847-1089271054-17398
sambaPrimaryGroupSID: S-1-5-21-2828578859-3132521847-1089271054-513
sambaLogonScript: jdoe.bat
sambaHomeDrive: H:
sambaAcctFlags: [U]
sambaPwdMustChange: 1516489003
sambaLMPassword: (crypt)
sambaNTPassword: (crypt)
sambaPwdLastSet: 1201187794
Reply at: https://bugs.launchpad.net/ubuntu/+source/smbldap-
tools/+bug/235988/comments/1
On 2008-05-21T16:28:40+00:00 John wrote:
Created attachment 306274
Patch for smbldap-passwd on smbldap-tools-0.9.4-1.fc8
Ok. Seems as though the problem revolves around smbldap-passwd trying to set
shadowMax when no defaultMaxPasswordAge has been set in smbldap.conf. I have
attached a simple patch which seems to resolve the issue without any
side-effects.
Reply at: https://bugs.launchpad.net/ubuntu/+source/smbldap-
tools/+bug/235988/comments/2
On 2008-05-22T11:11:49+00:00 Paul wrote:
Quick query here: if you're not using the nis schema, how are you getting an
"objectClass: shadowAccount" in Comment #1?
Reply at: https://bugs.launchpad.net/ubuntu/+source/smbldap-
tools/+bug/235988/comments/3
On 2008-05-22T13:20:25+00:00 John wrote:
(In reply to comment #3)
> Quick query here: if you're not using the nis schema, how are you getting an
> "objectClass: shadowAccount" in Comment #1?
Sorry. That was incorrect. Somehow I missed the nis.schema include line in my
slapd.conf, which obviously has shadowMax. So my bug subject is inaccurate,
however the problem is still relevant. The new description should probably be
"smbldap-passwd tries to set shadowMax even though defaultMaxPasswordAge is not
defined".
Does my patch make sense?
Thanks!
Reply at: https://bugs.launchpad.net/ubuntu/+source/smbldap-
tools/+bug/235988/comments/4
On 2008-05-23T15:55:58+00:00 Paul wrote:
An almost identical patch has already been applied upstream in version
0.9.5.
See: https://gna.org/bugs/?10230
I've put together some packages for various Fedora releases at:
http://www.city-fan.org/ftp/contrib/sysutils/
The packages there are basically the same as the one I've just built for
Rawhide. If they seem OK, I'll push them as updates
[Bug 235988] Re: smbldap-passwd failed to modify unix password: shadowMax
This is fixed in 0.9.5-1, which is in Lucid and later. ** Changed in: smbldap-tools (Ubuntu) Importance: Undecided = Low ** Changed in: smbldap-tools (Ubuntu) Status: New = Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. https://bugs.launchpad.net/bugs/235988 Title: smbldap-passwd failed to modify unix password: shadowMax -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 235988] Re: smbldap-passwd failed to modify unix password: shadowMax
What is status? Anyone know a package I can install for this? -- smbldap-passwd failed to modify unix password: shadowMax https://bugs.launchpad.net/bugs/235988 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 235988] Re: smbldap-passwd failed to modify unix password: shadowMax
** Bug watch added: Debian Bug tracker #483356 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=483356 ** Also affects: smbldap-tools (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=483356 Importance: Unknown Status: Unknown -- smbldap-passwd failed to modify unix password: shadowMax https://bugs.launchpad.net/bugs/235988 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 235988] Re: smbldap-passwd failed to modify unix password: shadowMax
** Changed in: smbldap-tools (Debian) Status: Unknown = Fix Released -- smbldap-passwd failed to modify unix password: shadowMax https://bugs.launchpad.net/bugs/235988 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 235988] Re: smbldap-passwd failed to modify unix password: shadowMax
** Bug watch added: Red Hat Bugzilla #430105 https://bugzilla.redhat.com/show_bug.cgi?id=430105 ** Also affects: smbldap-tools (Fedora) via https://bugzilla.redhat.com/show_bug.cgi?id=430105 Importance: Unknown Status: Unknown -- smbldap-passwd failed to modify unix password: shadowMax https://bugs.launchpad.net/bugs/235988 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 235988] Re: smbldap-passwd failed to modify unix password: shadowMax
** Changed in: smbldap-tools (Fedora) Status: Unknown = Fix Released -- smbldap-passwd failed to modify unix password: shadowMax https://bugs.launchpad.net/bugs/235988 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 235988] Re: smbldap-passwd failed to modify unix password: shadowMax
I can confirm as well. The (upstream?) package is currently at 0.9.5 with that problem patched. (https://gna.org/projects/smbldap-tools/) Any idea how long until that version would be packaged and available via universe sources? -- smbldap-passwd failed to modify unix password: shadowMax https://bugs.launchpad.net/bugs/235988 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 235988] Re: smbldap-passwd failed to modify unix password: shadowMax
I can confirm as well, I set defaultMaxPasswordAge to 100 years to get around it as we wanted it disabled anyway. -- smbldap-passwd failed to modify unix password: shadowMax https://bugs.launchpad.net/bugs/235988 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 235988] Re: smbldap-passwd failed to modify unix password: shadowMax
I can confirm I have the same symptoms here. Since I'm not really using shadowMax, I just commented out the relative line. This solves the problem, without triggering the SS HA problem described above. -- smbldap-passwd failed to modify unix password: shadowMax https://bugs.launchpad.net/bugs/235988 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 235988] Re: smbldap-passwd failed to modify unix password: shadowMax
** This bug is no longer flagged as a security issue -- smbldap-passwd failed to modify unix password: shadowMax https://bugs.launchpad.net/bugs/235988 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
