From: Gaiseric Vandal on
On 02/02/10 18:07, Brett Charbeneau wrote:
> Greetings all
>
> I'm running Samba 3.0 on an Ubuntu box as a PDC and I'm having trouble
> changing passwords with XP clients - here's my smb.conf
> http://pastebin.com/m1bb6d4a6
>
> I've played with a variety of "passwd chat" settings but no joy. I am
> trying to use pam_cracklib.so - here's my /etc/pam.d/common-password
> file: http://pastebin.com/m1a1d5f89
>
> I've tried the suggestions in this thread, but no luck:
> http://www.mail-archive.com/samba(a)lists.samba.org/msg104476.html
>
> Any hints? I'd be very grateful for any suggestions anyone has the
> time to offer!
>


Are you using an LDAP backend?

I am not sure the samba password chat chat scripts can pass the "old"
password back to unix. My experience with ldap (Sun LDAP server not
OpenLDAP) is that that password change either requires the user's old
password or the LDAP admin pw. The local "root" account does not have
privledges to change ldap passwords. (Local or NIS password's weren't a
problem.)


--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
From: Brett Charbeneau on
On Wed, 3 Feb 2010, Gaiseric Vandal wrote:

GV> On 02/02/10 18:07, Brett Charbeneau wrote:
GV> > Greetings all
GV> >
GV> > I'm running Samba 3.0 on an Ubuntu box as a PDC and I'm having trouble
GV> > changing passwords with XP clients - here's my smb.conf
GV> > http://pastebin.com/m1bb6d4a6
GV> >
GV> > I've played with a variety of "passwd chat" settings but no joy. I am
GV> > trying to use pam_cracklib.so - here's my /etc/pam.d/common-password file:
GV> > http://pastebin.com/m1a1d5f89
GV> >
GV> > I've tried the suggestions in this thread, but no luck:
GV> > http://www.mail-archive.com/samba(a)lists.samba.org/msg104476.html
GV> >
GV> > Any hints? I'd be very grateful for any suggestions anyone has the time to
GV> > offer!
GV> >
GV>
GV>
GV> Are you using an LDAP backend?
GV>
GV> I am not sure the samba password chat chat scripts can pass the "old"
GV> password back to unix. My experience with ldap (Sun LDAP server not
GV> OpenLDAP) is that that password change either requires the user's old
GV> password or the LDAP admin pw. The local "root" account does not have
GV> privledges to change ldap passwords. (Local or NIS password's weren't a
GV> problem.)

I appreciate the response!
No, I'm using tdbsam as the back end...


--
********************************************************************
Brett Charbeneau, GSEC Gold, GCIH Gold
Network Administrator
Williamsburg Regional Library
7770 Croaker Road
Williamsburg, VA 23188-7064
(757)259-4044 www.wrl.org
(757)259-4079 (fax) brett(a)wrl.org
********************************************************************

--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba