PDA

View Full Version : Samba as a PDC HOWTO - Change clients passwords


linuxmad
25th February 2006, 19:47
Hi,
I am almost finishing my last configs, testing etc... and found out that after doing a sucessful login, and after pressing CRTL-ALT-DEL to change a user's password, I am not able to do it.
I enter the old one, then the new one, repeat that, and press OK. After that I get stucked or hanged. The XP machine sits there waiting and waiting,... but nothing, and I am forced to force a shutdown.
Can you guys help??
Thanks

linuxmad
25th February 2006, 20:18
..well it seems that if unix password sync = is set to NO i am able to change my password. However password doesn't get synced an I loose the abilty to log into a Linux client with the new passord. Any thoughts??
thanks

HoUsECAt
9th March 2006, 22:31
same here on a Windows XP Pro client.. anybody got an idea?

till
10th March 2006, 10:16
Do you get any errors in your samaba logs in /var/log/samba/ ?

HoUsECAt
10th March 2006, 14:37
here is the full log from the moment i've pushed the change password button... the client freezes


[2006/03/10 13:34:02, 3] smbd/service.c:make_connection_snum(479)
Connect path is '/tmp' for service [IPC$]
[2006/03/10 13:34:02, 3] smbd/service.c:make_connection_snum(642)
CLIENTCOMPUTER (172.16.50.10) connect to service IPC$ initially as user housecat (uid=1000, gid=100) (pid 20531)
[2006/03/10 13:34:02, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2006/03/10 13:34:02, 3] smbd/reply.c:reply_tcon_and_X(455)
tconX service=IPC$
[2006/03/10 13:34:02, 3] smbd/process.c:process_smb(1091)
Transaction 343 of length 100
[2006/03/10 13:34:02, 3] smbd/process.c:switch_message(886)
switch message SMBntcreateX (pid 20531) conn 0x897c50
[2006/03/10 13:34:02, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (1000, 100) - sec_ctx_stack_ndx = 0
[2006/03/10 13:34:02, 3] smbd/nttrans.c:nt_open_pipe(514)
nt_open_pipe: Known pipe samr opening.
[2006/03/10 13:34:02, 3] smbd/process.c:process_smb(1091)
Transaction 344 of length 209
[2006/03/10 13:34:02, 3] smbd/process.c:switch_message(886)
switch message SMBwriteX (pid 20531) conn 0x897c50
[2006/03/10 13:34:02, 3] rpc_server/srv_pipe.c:api_pipe_bind_req(887)
api_pipe_bind_req: \PIPE\samr -> \PIPE\lsass
[2006/03/10 13:34:02, 3] rpc_server/srv_pipe.c:check_bind_req(762)
check_bind_req for \PIPE\samr
[2006/03/10 13:34:02, 3] smbd/pipes.c:reply_pipe_write_and_X(199)
writeX-IPC pnum=711f nwritten=141
[2006/03/10 13:34:02, 3] smbd/process.c:process_smb(1091)
Transaction 345 of length 63
[2006/03/10 13:34:02, 3] smbd/process.c:switch_message(886)
switch message SMBreadX (pid 20531) conn 0x897c50
[2006/03/10 13:34:02, 3] smbd/pipes.c:reply_pipe_read_and_X(242)
readX-IPC pnum=711f min=1024 max=1024 nread=116
[2006/03/10 13:34:02, 3] smbd/process.c:process_smb(1091)
Transaction 346 of length 280
[2006/03/10 13:34:02, 3] smbd/process.c:switch_message(886)
switch message SMBwriteX (pid 20531) conn 0x897c50
[2006/03/10 13:34:02, 3] smbd/sec_ctx.c:push_sec_ctx(256)
push_sec_ctx(1000, 100) : sec_ctx_stack_ndx = 1
[2006/03/10 13:34:02, 3] smbd/uid.c:push_conn_ctx(365)
push_conn_ctx(104) : conn_ctx_stack_ndx = 0
[2006/03/10 13:34:02, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2006/03/10 13:34:02, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
pop_sec_ctx (1000, 100) - sec_ctx_stack_ndx = 0
[2006/03/10 13:34:02, 3] auth/auth.c:check_ntlm_password(219)
check_ntlm_password: Checking password for unmapped user [DOMAINNAME]\[housecat]@[CLIENTCOMPUTER] with the new password interface
[2006/03/10 13:34:02, 3] auth/auth.c:check_ntlm_password(222)
check_ntlm_password: mapped user is: [DOMAINNAME]\[housecat]@[CLIENTCOMPUTER]
[2006/03/10 13:34:02, 3] smbd/sec_ctx.c:push_sec_ctx(256)
push_sec_ctx(1000, 100) : sec_ctx_stack_ndx = 1
[2006/03/10 13:34:02, 3] smbd/uid.c:push_conn_ctx(365)
push_conn_ctx(104) : conn_ctx_stack_ndx = 0
[2006/03/10 13:34:02, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2006/03/10 13:34:02, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
pop_sec_ctx (1000, 100) - sec_ctx_stack_ndx = 0
[2006/03/10 13:34:02, 3] smbd/sec_ctx.c:push_sec_ctx(256)
push_sec_ctx(1000, 100) : sec_ctx_stack_ndx = 1
[2006/03/10 13:34:02, 3] smbd/uid.c:push_conn_ctx(365)
push_conn_ctx(104) : conn_ctx_stack_ndx = 0
[2006/03/10 13:34:02, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2006/03/10 13:34:02, 3] smbd/sec_ctx.c:push_sec_ctx(256)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
[2006/03/10 13:34:02, 3] smbd/uid.c:push_conn_ctx(365)
push_conn_ctx(104) : conn_ctx_stack_ndx = 1
[2006/03/10 13:34:02, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2006/03/10 13:34:02, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
[2006/03/10 13:34:02, 3] passdb/lookup_sid.c:fetch_sid_from_gid_cache(233)
fetch sid from gid cache 100 -> S-1-5-21-1138420731-3129855418-3892462783-513
[2006/03/10 13:34:02, 3] passdb/lookup_sid.c:fetch_sid_from_gid_cache(233)
fetch sid from gid cache 4 -> S-1-5-21-1138420731-3129855418-3892462783-1009
[2006/03/10 13:34:02, 3] passdb/lookup_sid.c:fetch_sid_from_gid_cache(233)
fetch sid from gid cache 20 -> S-1-5-21-1138420731-3129855418-3892462783-1041
[2006/03/10 13:34:02, 3] passdb/lookup_sid.c:fetch_sid_from_gid_cache(233)
fetch sid from gid cache 106 -> S-1-5-21-1138420731-3129855418-3892462783-1213
[2006/03/10 13:34:02, 3] passdb/lookup_sid.c:fetch_sid_from_gid_cache(233)
fetch sid from gid cache 5001 -> S-1-5-21-1138420731-3129855418-3892462783-11003
[2006/03/10 13:34:02, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
pop_sec_ctx (1000, 100) - sec_ctx_stack_ndx = 0
[2006/03/10 13:34:02, 3] auth/auth.c:check_ntlm_password(268)
check_ntlm_password: sam authentication for user [housecat] succeeded
[2006/03/10 13:34:02, 3] smbd/sec_ctx.c:push_sec_ctx(256)
push_sec_ctx(1000, 100) : sec_ctx_stack_ndx = 1
[2006/03/10 13:34:02, 3] smbd/uid.c:push_conn_ctx(365)
push_conn_ctx(104) : conn_ctx_stack_ndx = 0
[2006/03/10 13:34:02, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2006/03/10 13:34:02, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
pop_sec_ctx (1000, 100) - sec_ctx_stack_ndx = 0
[2006/03/10 13:34:02, 2] auth/auth.c:check_ntlm_password(305)
check_ntlm_password: authentication for user [housecat] -> [housecat] -> [housecat] succeeded
[2006/03/10 13:34:02, 3] smbd/pipes.c:reply_pipe_write_and_X(199)
writeX-IPC pnum=711f nwritten=212
[2006/03/10 13:34:02, 3] smbd/process.c:process_smb(1091)
Transaction 347 of length 232
[2006/03/10 13:34:02, 3] smbd/process.c:switch_message(886)
switch message SMBtrans (pid 20531) conn 0x897c50
[2006/03/10 13:34:02, 3] smbd/ipc.c:reply_trans(539)
trans <\PIPE\> data=144 params=0 setup=2
[2006/03/10 13:34:02, 3] smbd/ipc.c:named_pipe(334)
named pipe command on <> name
[2006/03/10 13:34:02, 3] smbd/ipc.c:api_fd_reply(294)
Got API command 0x26 on pipe "samr" (pnum 711f)
[2006/03/10 13:34:02, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2006/03/10 13:34:02, 3] smbd/sec_ctx.c:push_sec_ctx(256)
push_sec_ctx(1000, 100) : sec_ctx_stack_ndx = 1
[2006/03/10 13:34:02, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (1000, 100) - sec_ctx_stack_ndx = 1
[2006/03/10 13:34:02, 3] rpc_server/srv_pipe.c:api_rpcTNP(1538)
api_rpcTNP: rpc command: SAMR_GET_DOM_PWINFO
[2006/03/10 13:34:02, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
pop_sec_ctx (1000, 100) - sec_ctx_stack_ndx = 0
[2006/03/10 13:34:02, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 14
[2006/03/10 13:34:02, 3] smbd/process.c:process_smb(1091)
Transaction 348 of length 1304
[2006/03/10 13:34:02, 3] smbd/process.c:switch_message(886)
switch message SMBtrans (pid 20531) conn 0x897c50
[2006/03/10 13:34:02, 3] smbd/ipc.c:reply_trans(539)
trans <\PIPE\> data=1216 params=0 setup=2
[2006/03/10 13:34:02, 3] smbd/ipc.c:named_pipe(334)
named pipe command on <> name
[2006/03/10 13:34:02, 3] smbd/ipc.c:api_fd_reply(294)
Got API command 0x26 on pipe "samr" (pnum 711f)
[2006/03/10 13:34:02, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2006/03/10 13:34:02, 3] smbd/sec_ctx.c:push_sec_ctx(256)
push_sec_ctx(1000, 100) : sec_ctx_stack_ndx = 1
[2006/03/10 13:34:02, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (1000, 100) - sec_ctx_stack_ndx = 1
[2006/03/10 13:34:02, 3] rpc_server/srv_pipe.c:api_rpcTNP(1538)
api_rpcTNP: rpc command: SAMR_CHGPASSWD_USER
[2006/03/10 13:34:02, 3] smbd/sec_ctx.c:push_sec_ctx(256)
push_sec_ctx(1000, 100) : sec_ctx_stack_ndx = 2
[2006/03/10 13:34:02, 3] smbd/uid.c:push_conn_ctx(365)
push_conn_ctx(104) : conn_ctx_stack_ndx = 0
[2006/03/10 13:34:02, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2006/03/10 13:34:02, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
pop_sec_ctx (1000, 100) - sec_ctx_stack_ndx = 1
[2006/03/10 13:34:02, 3] smbd/sec_ctx.c:push_sec_ctx(256)
push_sec_ctx(1000, 100) : sec_ctx_stack_ndx = 2
[2006/03/10 13:34:02, 3] smbd/uid.c:push_conn_ctx(365)
push_conn_ctx(104) : conn_ctx_stack_ndx = 0
[2006/03/10 13:34:02, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2006/03/10 13:34:02, 3] smbd/chgpasswd.c:chgpasswd(457)
chgpasswd: Password change (as_root=Yes) for user: housecat
[2006/03/10 13:34:02, 3] smbd/sec_ctx.c:push_sec_ctx(256)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3
[2006/03/10 13:34:02, 3] smbd/uid.c:push_conn_ctx(365)
push_conn_ctx(104) : conn_ctx_stack_ndx = 1
[2006/03/10 13:34:02, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3
[2006/03/10 13:34:02, 3] smbd/chgpasswd.c:chat_with_program(425)
chat_with_program: Dochild for user housecat (uid=0,gid=0) (as_root = Yes)

HoUsECAt
23rd March 2006, 15:55
still didn't found a solution... any ideas?

punch
10th May 2006, 17:25
Hi,

Try to change the "passwd chat" line in smb.conf to this:

passwd chat = *password* %n\n *password* %n\n *success*