Trying changing: ldap passwd sync = no unix password sync = Yes Works for me. ----- Original Message ----- From: "Stephane ARMANET" <stephane.armanet at ch-st-julien.fr> To: Fedora-directory-users at redhat.com Sent: Thursday, March 29, 2007 11:57:22 AM (GMT-0500) America/New_York Subject: samba CTRL ALT DEL password sync problem Hello List I try to configure samba workig with FDS. It's look OK I can connect but when user try to change his password using CTRL + ALT + DEL from windows, after typing the passwords it returns: "current password or user's name is incorrect...." The samba-pasword is change but not the userPassword attribute The logs of samba tells: [2007/03/19 12:28:51, 0] passdb/pdb_ldap.c:ldapsam_modify_entry(1574) ldapsam_modify_entry: LDAP Password could not be changed for user user1: Confidentiality required Operation requires a secure connection. [2007/03/19 12:28:51, 0] passdb/pdb_ldap.c:ldapsam_update_sam_account(1720) ldapsam_update_sam_account: failed to modify user with uid = user1, error: Operation requires a secure connection. (Success) [2007/03/19 12:28:51, 0] libsmb/smbencrypt.c:decode_pw_buffer(539) decode_pw_buffer: incorrect password length (-1886846999). [2007/03/19 12:28:51, 0] libsmb/smbencrypt.c:decode_pw_buffer(540) decode_pw_buffer: check that 'encrypt passwords = yes' My smb.conf: [global] workgroup = TEST2DOM netbios name = SERVADM os level = 65 domain logons = yes domain master = yes local master = yes security = user encrypt passwords = true pam password change = no ####### CONFIG LDAP ################ add machine script = /usr/sbin/smbldap-useradd -w -d /dev/null -g 515 -c 'Machine Account' -s /bin/false %u add user script = /usr/sbin/smbldap-useradd -a -m '%u' delete user script = /usr/sbin/smbldap-userdel -r '%u' add group script = /usr/sbin/smbldap-groupadd '%g' delete group script = /usr/sbin/smbldap-groupdel '%g' add user to group script = /usr/sbin/smbldap-groupmod -m '%u' '%g' delete user from group script = /usr/sbin/smbldap-groupmod -x '%u' '%g' set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u' # Connexion LDAP passdb backend = ldapsam:ldap://ds.ch-st-julien.intra ldap admin dn = uid=admin,dc=ch-st-julien,dc=fr ldap suffix = dc=ch-st-julien,dc=fr ldap user suffix = ou=People ldap group suffix = ou=Groups ldap machine suffix = ou=Computers passwd chat debug = Yes ldap passwd sync = yes unix password sync = no passwd program = /usr/bin/smbldap-passwd -u %U passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\spassword:* %n\n . ###### Gestion des ACL ####### nt acl support = yes # gestion heritage inherit acls = yes Is anyone has ever meet this problem ??? Thank's -- ARMANET Stephane -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.fedoraproject.org/pipermail/389-users/attachments/20070329/9326e680/attachment.html
