[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Propagation of LDAP passwrod change to samba system

Thank you for commnet

yes it is 3.2.5 regural package in Lenny.

dpkg -l | grep samba
ii  samba                             2:3.2.5-4lenny7          a
LanManager-like file and printer server for Unix
ii  samba-common                      2:3.2.5-4lenny7          Samba
common files used by both the server and the client
ii  samba-doc                         2:3.2.5-4lenny7          Samba
server:/etc/samba# dpkg -l | grep ldap
ii  ldap-utils                        2.4.11-1
OpenLDAP utilities
ii  libldap-2.4-2                     2.4.11-1
OpenLDAP libraries
ii  libnss-ldap                       261-2.1                  NSS
module for using LDAP as a naming service
ii  libpam-ldap                       184-4.2
Pluggable Authentication Module for LDAP

I know this stuff is very complex and I am trying to set it up step by
step, but I really do not undersand what causing error

Old SMB password:
New SMB password:
Retype new SMB password:
machine rejected the tconX on the IPC$ share. Error was :
 Failed to change password for test1

when I logged to system usning ssh and as user1.

I understand that smbpasswd by default look for ip address but I am getting same error in case I set up in smb.conf

Also I tried to change samba password for user1 using

smbpasswd -r ( is stated it smb.conf as
interface will bind to, ) but again same problem

What is tconX, I did not defined it, what ir set up IPC$....

regards, thanks

2009/11/3 Michael Ströder <michael@stroeder.com>:
> pcinformace pcinformace wrote:
>> I am trying to set up LDAP + SAMBA
> I assume this is Samba3. Is it an OpenLDAP server?
>> Question is how can I make it reversible, so when I change password
>> connected via ssh to be propagated to samba system and to use that new
>> password for accessing samba shares.
> For the LDAP bind (used by ssh) the attribute 'userPassword' has to be set
> when changing the password. For Samba3 the attribute(s) sambaNTPassword (and
> optionally sambaLMPassword) have to be set with a pre-calculated hash.
> I'd recommend to set up OpenLDAP with overlay slapo-smbk5pwd which you have to
> build separately and is found in directory contrib/slapd-modules/smbk5pwd of
> the source distribution. This overlay intercepts the Password Modify extended
> operation and sets userPassword and the Samba password attribute(s). So you
> have to tell pam_ldap to use ext. op. when setting a new password.
> Ciao, Michael.
> --
> Michael Ströder
> E-Mail: michael@stroeder.com
> http://www.stroeder.com