Samba & W2k | Password Syncing - SMB

This is a discussion on Samba & W2k | Password Syncing - SMB ; Hello ppl, At this moment I have installed redhat 9, with samba (from the cd) [at this moment I don't know which version from samba it is]. And I have a problem. When I try to syncronize the passwords on ...

+ Reply to Thread
Results 1 to 8 of 8

Thread: Samba & W2k | Password Syncing

  1. Samba & W2k | Password Syncing

    Hello ppl,

    At this moment I have installed redhat 9, with samba (from the cd) [at
    this moment I don't know which version from samba it is].
    And I have a problem. When I try to syncronize the passwords on the
    windows system I get an error.
    I do the following on the Windows 2000 Prof. (dutch version): ctrl -
    alt - delete -> change password.

    Then I get a strange error, I fill in my username... My old password
    and then twice my new password. I know for sure all the information I
    enter is correct. I checked it double & over.
    The error I get when to change the password is:
    "Username or old password is incorrect. Ensure you have disabled your
    CAPS-LOCK" (or something what looks like this)

    I have the following samba settings which has to deal with password
    things:
    encrypt passwords = yes
    smb passwd file = /etc/samba/smbpasswd
    unix password sync = yes
    passwd program = /usr/bin/passwd %U
    passwd chat = *password* %n\n *password* %n\n *updated*
    pam password change = yes
    update encrypted = yes
    username map = /etc/samba/smbusers

    How to solve this problem. People cannot change their password at this
    moment, which is very important. All users (total: 210) have the same
    "resetted" password.

    I hope someone can help me with this problem.
    I don't know if the problem is also occuring with a english w2k
    system. But the school where I install it only have the dutch version.

    Regards,

    Mike van Engelen.

  2. Re: Samba & W2k | Password Syncing

    Mike van Engelen wrote:

    > Hello ppl,
    >

    ....
    > Then I get a strange error, I fill in my username... My old password
    > and then twice my new password. I know for sure all the information
    > I enter is correct. I checked it double & over.
    > The error I get when to change the password is:
    > "Username or old password is incorrect. Ensure you have disabled
    > your CAPS-LOCK" (or something what looks like this)
    >
    > I have the following samba settings which has to deal with password
    > things:
    > encrypt passwords = yes
    > smb passwd file = /etc/samba/smbpasswd
    > unix password sync = yes
    > passwd program = /usr/bin/passwd %U
    > passwd chat = *password* %n\n *password* %n\n *updated*
    > pam password change = yes
    > update encrypted = yes
    > username map = /etc/samba/smbusers
    >
    > How to solve this problem. People cannot change their password at
    > this moment, which is very important. All users (total: 210) have
    > the same "resetted" password.
    >

    As long as the users don't need shell access, remove the "unix
    password sync" line until you have figured out the _exact_ passwd
    chat sequence. Failure to change the unix password will also prohibit
    the samba password change.
    Also "update encrypted" is obsolete, it would work for migrating
    plaintext to encryption.
    A third question .... are you really using PAM? One more sourec of
    possible failure.
    Try "smbpasswd" as a normal user on a console, with "-d 3" or even
    higher, to verify.


  3. Re: Samba & W2k | Password Syncing

    On Sat, 13 Sep 2003 21:26:56 +0200, Walter Mautner
    wrote:

    >Mike van Engelen wrote:
    >> The error I get when to change the password is:
    >> "Username or old password is incorrect. Ensure you have disabled
    >> your CAPS-LOCK" (or something what looks like this)


    >As long as the users don't need shell access, remove the "unix
    >password sync" line until you have figured out the _exact_ passwd
    >chat sequence. Failure to change the unix password will also prohibit
    >the samba password change.


    Well, as far as I know, the 'normal' linux users are not used for any
    other service (at this moment). The machine is playing a domain server
    and is running some programs for network usage (via samba) and the
    users has a home directory (also samba)...

    I have no idea what I should fill in at "passwd chat =".
    And I also don't know what it has for use, but when I comment the
    line, the problem still remains, and is not solved.

    >Also "update encrypted" is obsolete, it would work for migrating
    >plaintext to encryption.


    I just added it because I found it in some docs, so maybe it workes,
    but it didn't solve my problem.

    >A third question .... are you really using PAM? One more sourec of
    >possible failure.


    To be fair, I have no idea
    Just a standard installation of Redhat 9.0 and with the samba version
    shipped with this version. But the problem was before I added that
    line (same as above).

    >Try "smbpasswd" as a normal user on a console, with "-d 3" or even
    >higher, to verify.


    Well, all users I add to smbpassword / smbusers can login into the
    domain, and all shares ect. Works perfectly, but I want that users can
    change their own passwords.

    Thanks for your (fast !) reply.

    Regards,

    Mike van Engelen

  4. Re: Samba & W2k | Password Syncing

    Mike van Engelen wrote:
    > On Sat, 13 Sep 2003 21:26:56 +0200, Walter Mautner
    > wrote:
    >
    >
    >>Mike van Engelen wrote:
    >>
    >>>The error I get when to change the password is:
    >>>"Username or old password is incorrect. Ensure you have disabled
    >>>your CAPS-LOCK" (or something what looks like this)

    >
    >
    >>As long as the users don't need shell access, remove the "unix
    >>password sync" line until you have figured out the _exact_ passwd
    >>chat sequence. Failure to change the unix password will also prohibit
    >>the samba password change.

    >
    >
    > Well, as far as I know, the 'normal' linux users are not used for any
    > other service (at this moment). The machine is playing a domain server
    > and is running some programs for network usage (via samba) and the
    > users has a home directory (also samba)...
    >
    > I have no idea what I should fill in at "passwd chat =".
    > And I also don't know what it has for use, but when I comment the
    > line, the problem still remains, and is not solved.


    Can you change the password of a user by running
    passwd as root?

    passwd user

    You can raise the loglevel of samba in smb.conf and see what
    gets logged into the logfile when you try to change the password
    from Windows.

    Are you running NIS on the Linux machine?

    Mogens

    --
    Mogens Kjaer, Carlsberg A/S, Computer Department
    Gamle Carlsberg Vej 10, DK-2500 Valby, Denmark
    Phone: +45 33 27 53 25, Fax: +45 33 27 47 08
    Email: mk@crc.dk Homepage: http://www.crc.dk


  5. Re: Samba & W2k | Password Syncing

    On Sun, 14 Sep 2003 13:01:28 +0200, Mogens Kjaer wrote:

    >Can you change the password of a user by running
    >passwd as root?
    >
    >passwd user


    Yeah just like normal...
    So:
    $ passwd username
    Password new
    Password new again
    and then the message all tokens (and something else)

    And works perfectly, so don't know why I get the errors in Windows.
    I checked it double and for troubleshooting all passwords & usernames
    are lowercase (on the linux system & windows).
    But the problem still exists

    >You can raise the loglevel of samba in smb.conf and see what
    >gets logged into the logfile when you try to change the password
    >from Windows.


    Ok, I will try that tomorrow, what is the higgest loglevel I can give
    it... It has now log level = 2

    >Are you running NIS on the Linux machine?


    I can't remember of installing that package, so no I'm not running any
    kind of NIS on that machine.

    Thanks for helping/anwsering.

    Regards,

    Mike van Engelen

    >
    >Mogens



  6. Re: Samba & W2k | Password Syncing

    Mike van Engelen wrote:
    > On Sun, 14 Sep 2003 13:01:28 +0200, Mogens Kjaer wrote:
    >
    >
    >>Can you change the password of a user by running
    >>passwd as root?
    >>
    >>passwd user

    >
    >
    > Yeah just like normal...
    > So:
    > $ passwd username
    > Password new
    > Password new again
    > and then the message all tokens (and something else)


    This looks OK.

    >
    > And works perfectly, so don't know why I get the errors in Windows.
    > I checked it double and for troubleshooting all passwords & usernames
    > are lowercase (on the linux system & windows).
    > But the problem still exists
    >
    >
    >>You can raise the loglevel of samba in smb.conf and see what
    >>gets logged into the logfile when you try to change the password

    >
    >>from Windows.

    >
    > Ok, I will try that tomorrow, what is the higgest loglevel I can give
    > it... It has now log level = 2


    Try 99. Beware that the logfiles will be _big_.

    >
    >
    >>Are you running NIS on the Linux machine?

    >
    >
    > I can't remember of installing that package, so no I'm not running any
    > kind of NIS on that machine.


    The reason why I asked about this is, that I can't run
    passwd from samba to change the passwords because I run
    NIS. I get some strange RPC error (can't remember the exact
    error message).

    And I can't run yppasswd from samba, as it asks for root's password.

    Sigh.

    But this obviously isn't the same problem you're having.

    Mogens


    --
    Mogens Kjaer, Carlsberg A/S, Computer Department
    Gamle Carlsberg Vej 10, DK-2500 Valby, Denmark
    Phone: +45 33 27 53 25, Fax: +45 33 27 47 08
    Email: mk@crc.dk Homepage: http://www.crc.dk


  7. Re: Samba & W2k | Password Syncing

    Mogens Kjaer wrote:
    ....
    >> I can't remember of installing that package, so no I'm not running any
    >> kind of NIS on that machine.

    >
    >
    > The reason why I asked about this is, that I can't run
    > passwd from samba to change the passwords because I run
    > NIS. I get some strange RPC error (can't remember the exact
    > error message).
    >
    > And I can't run yppasswd from samba, as it asks for root's password.
    >
    > Sigh.


    # passwd pdc1
    Changing password for user pdc1.
    New password:
    Retype new password:
    RPC: Can't encode arguments
    The password has not been changed on server1.crc.dk.
    passwd: Failed preliminary check by password service

    Has anyone else seen this?

    Mogens


    --
    Mogens Kjaer, Carlsberg A/S, Computer Department
    Gamle Carlsberg Vej 10, DK-2500 Valby, Denmark
    Phone: +45 33 27 53 25, Fax: +45 33 27 47 08
    Email: mk@crc.dk Homepage: http://www.crc.dk


  8. [FIXED!] Re: Samba & W2k | Password Syncing

    On Sat, 13 Sep 2003 21:26:56 +0200, Walter Mautner
    wrote:

    >As long as the users don't need shell access, remove the "unix
    >password sync" line until you have figured out the _exact_ passwd
    >chat sequence. Failure to change the unix password will also prohibit
    >the samba password change.
    >Also "update encrypted" is obsolete, it would work for migrating
    >plaintext to encryption.
    >A third question .... are you really using PAM? One more sourec of
    >possible failure.
    >Try "smbpasswd" as a normal user on a console, with "-d 3" or even
    >higher, to verify.


    Ok, thanks this was the solution, commented the lines
    unix password sync
    update encrypted
    and pam_(something)

    And now it works fine ! Thank you very very much.
    Normal users can change their smbpasswd if they logon, but when they
    change the password on the windows system now, the old password is
    still be used for the regular *unix accounts. (Which is quite logical
    because I didn't keep the line "unix password sinc".

    Thanks again for anyone who helped me.

    Regards,

    Mike van Engelen


+ Reply to Thread