Web lists-archives.com

Re: [Samba] Password change




Hai, 

I suggest try avoiding smbldap-tools, the last update as far i know is done in 2012. 
So its unmaintained, my advice, is ...  dont use it. 

Spend you time in setting up the AD, which also provide the ldap you need. 
That really the best advice... 

Greetz, 

Louis





> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces@xxxxxxxxxxxxxxx] Namens 
> Robin G via samba
> Verzonden: dinsdag 24 april 2018 15:45
> Aan: samba@xxxxxxxxxxxxxxx
> Onderwerp: [Samba] Password change
> 
> Hi Guys,
> 
> We are getting the following error when the users are trying 
> to change the
> password from their windows machine: "Configuration 
> information could not
> be read from the domain controller, either machine is 
> unavailable or access
> is denied"
> 
> Our Samba PDC has LDAP backend. We have the following
> 
> /etc/ldap/ldap.conf
> BASE   dc=testdomain
> URI    ldap://192.168.1.1
> TLS_CACERT /etc/ldap/ca_certs.pem
> TLS_REQCERT allow
> 
> access to attribute=userPassword
> by:
> access to attrs=userPassword,sambaNTPassword,sambaLMPassword
> 
> smb.conf for the smldap-tools bit is here
> 
> add user script = /usr/sbin/smbldap-useradd -m '%u'
>         passwd program = /usr/sbin/smbldap-passwd -u "%u"
>         passwd chat = "Changing *\nNew password*" %n\n "*Retype new
> password* "%n\n"
> 
> Have the following in /etc/ldap/slapd.d/cn=config/olcDatabase{1}.hdb
> 
> olcAccess: {0}to attrs=userPassword by self write by 
> anonymous auth by *
> none
> olcAccess: {1}to attrs=shadowLastChange by self write by * read
> olcAccess: {2}to * by * read
> olcLastMod: TRUE
> olcRootDN: cn=admin,dc=testdomain
> 
> Couldn't see anything in the /samba/logs so I guess it is an 
> issue with
> LDAP?
> 
> This is a fairly new setup and don't think it has worked before.
> 
> Thank you.
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
> 
> 


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba