Prev: [Samba] how to make ms xp save login credentials
Next: [Samba] Samba 3.5.2 getent passwd does not work
From: Rajesh Ghanekar on 18 Jun 2010 05:10
Hi,
I see my machine password change in secrets.tdb. I am not sure who
initiated it.
But can this happen automatically after "7 days" as mentioned in
following link
initiated by someone else (PDC), other than smbd/winbindd?

http://www.windowsnetworking.com/nt/registry/rtips295.shtml

I am confused who changed it, but it got changed after 7 days. Can PDC
ask smbd/winbindd to change this? Or it is initiated by smbd/winbindd?
But I see logs from winbindd that initiated the change after 7 days, but got
permission denied. Will the "denied message" cause the change to be
persistent
in secrets.tdb? I am unsure of this, too:

2010 Jun 14 18:34:00 xyz winbindd[31473]: [2010/06/14 18:34:00.040611,
0] rpc_client/cli_netlogon.c:563(rpccli_netlogon_set_trust_password)
2010 Jun 14 18:34:00 xyz winbindd[31473]:
rpccli_netr_ServerPasswordSet2 failed: NT_STATUS_ACCESS_DENIED


Here is krb5.conf:

# cat /etc/krb5.conf
[libdefaults]
default_realm = XYZ.COM

[realms]
XYZ.COM = {
kdc = xyz_ad
admin_server = xyz_ad
kpasswd_server = xyz_ad
default_domain = XYZ.COM
}

[domain_realm]
.kerberos.server = XYZ.COM

[logging]
default = SYSLOG:NOTICE:DAEMON
kdc = FILE:/var/log/kdc.log
kadmind = FILE:/var/log/kadmind.log

[appdefaults]
pam = {
ticket_lifetime = 3d
renew_lifetime = 7d
forwardable = true
proxiable = false
retain_after_close = false
minimum_uid = 0
debug = false
}

Thanks,
Rajesh

--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
 | 
Pages: 1
Prev: [Samba] how to make ms xp save login credentials
Next: [Samba] Samba 3.5.2 getent passwd does not work