ClearOS Bug Tracker

Main | My View | View Issues | Change Log | Roadmap | Repositories
  

View Revisions: Issue #1348 All Revisions ] Back to Issue ]
Summary 0001348: Samba change password facility dysfunctional
Revision 2013-09-26 11:11 by user2
Additional Information With this log snippet you can see that the password script executes normally, then samba tries to further change the password in LDAP.

[2013/09/25 23:37:50.386820, 3] rpc_server/samr/srv_samr_chgpasswd.c:496(chat_with_program)
  chat_with_program: Password change successful for user testuser
[2013/09/25 23:37:50.387011, 4] smbd/sec_ctx.c:214(push_sec_ctx)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3
[2013/09/25 23:37:50.387092, 4] smbd/uid.c:460(push_conn_ctx)
  push_conn_ctx(102) : conn_ctx_stack_ndx = 1
[2013/09/25 23:37:50.387153, 4] smbd/sec_ctx.c:314(set_sec_ctx)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3
[2013/09/25 23:37:50.387213, 5] ../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2013/09/25 23:37:50.387291, 5] auth/token_util.c:527(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2013/09/25 23:37:50.387434, 4] smbd/sec_ctx.c:422(pop_sec_ctx)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2
[2013/09/25 23:37:50.387533, 4] passdb/pdb_ldap.c:1997(ldapsam_update_sam_account)
  ldapsam_update_sam_account: user testuser to be modified has dn: cn=Test User,ou=Users,ou=Accounts,dc=daveloper,dc=net
[2013/09/25 23:37:50.387600, 2] passdb/pdb_ldap.c:1180(init_ldap_from_sam)
  init_ldap_from_sam: Setting entry for user: testuser
[2013/09/25 23:37:50.387667, 4] smbd/sec_ctx.c:214(push_sec_ctx)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3
[2013/09/25 23:37:50.387728, 4] smbd/uid.c:460(push_conn_ctx)
  push_conn_ctx(102) : conn_ctx_stack_ndx = 1
[2013/09/25 23:37:50.387788, 4] smbd/sec_ctx.c:314(set_sec_ctx)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3
[2013/09/25 23:37:50.387849, 5] ../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2013/09/25 23:37:50.387908, 5] auth/token_util.c:527(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2013/09/25 23:37:50.388019, 4] smbd/sec_ctx.c:422(pop_sec_ctx)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2
[2013/09/25 23:37:50.388094, 10] lib/smbldap.c:274(smbldap_get_single_attribute)
  smbldap_get_single_attribute: [sambaLMPassword] = [<does not exist>]
[2013/09/25 23:37:50.388171, 10] lib/smbldap.c:682(smbldap_make_mod_internal)
smbldap_make_mod: deleting attribute |sambaNTPassword| values |9BEC6D3FF69894218A7265152A896CE1|
[2013/09/25 23:37:50.388236, 10] lib/smbldap.c:698(smbldap_make_mod_internal)
  smbldap_make_mod: adding attribute |sambaNTPassword| value |E4A96A8E11203C887A6543549B9DC87F|
[2013/09/25 23:37:50.388323, 4] smbd/sec_ctx.c:214(push_sec_ctx)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3
[2013/09/25 23:37:50.388385, 4] smbd/uid.c:460(push_conn_ctx)
  push_conn_ctx(102) : conn_ctx_stack_ndx = 1
[2013/09/25 23:37:50.388445, 4] smbd/sec_ctx.c:314(set_sec_ctx)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3
[2013/09/25 23:37:50.388506, 5] ../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2013/09/25 23:37:50.388566, 5] auth/token_util.c:527(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2013/09/25 23:37:50.388676, 4] smbd/sec_ctx.c:422(pop_sec_ctx)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2
[2013/09/25 23:37:50.388805, 10] lib/smbldap.c:274(smbldap_get_single_attribute)
  smbldap_get_single_attribute: [sambaPasswordHistory] = [<does not exist>]
[2013/09/25 23:37:50.388866, 10] lib/smbldap.c:698(smbldap_make_mod_internal)
  smbldap_make_mod: adding attribute |sambaPasswordHistory| value (snip)
[2013/09/25 23:37:50.388949, 10] lib/smbldap.c:682(smbldap_make_mod_internal)
  smbldap_make_mod: deleting attribute |sambaPwdLastSet| values |1380171167|
[2013/09/25 23:37:50.389015, 10] lib/smbldap.c:698(smbldap_make_mod_internal)
  smbldap_make_mod: adding attribute |sambaPwdLastSet| value |1380173870|
[2013/09/25 23:37:50.389083, 5] lib/smbldap.c:1636(smbldap_modify)
  smbldap_modify: dn => [cn=Test User,ou=Users,ou=Accounts,dc=daveloper,dc=net]
[2013/09/25 23:37:50.389614, 10] lib/smbldap.c:1656(smbldap_modify)
  Failed to modify dn: cn=Test User,ou=Users,ou=Accounts,dc=daveloper,dc=net, error: 16 (No such attribute) (modify/delete: sambaNTPassword: no such value)
[2013/09/25 23:37:50.389746, 4] smbd/sec_ctx.c:422(pop_sec_ctx)
  pop_sec_ctx (353, 63000) - sec_ctx_stack_ndx = 1
[2013/09/25 23:37:50.389822, 5] rpc_server/samr/srv_samr_nt.c:1862(_samr_ChangePasswordUser2)
  _samr_ChangePasswordUser2: 1862
[2013/09/25 23:37:50.389884, 1] ../librpc/ndr/ndr.c:284(ndr_print_function_debug)
       samr_ChangePasswordUser2: struct samr_ChangePasswordUser2
          out: struct samr_ChangePasswordUser2
              result : NT_STATUS_UNSUCCESSFUL
[2013/09/25 23:37:50.390021, 5] rpc_server/srv_pipe.c:1679(api_rpcTNP)
  api_rpcTNP: called \samr successfully
[2013/09/25 23:37:50.390110, 4] smbd/sec_ctx.c:422(pop_sec_ctx)
  pop_sec_ctx (353, 63000) - sec_ctx_stack_ndx = 0
[2013/09/25 23:37:50.390177, 10] rpc_server/srv_pipe_hnd.c:247(write_to_internal_pipe)
  write_to_pipe: data_used = 1200
Revision 2013-09-25 23:52 by dloper
Additional Information With this log snippet you can see that the password script executes normally, then samba tries to further change the password in LDAP.

[2013/09/25 23:37:50.386820, 3] rpc_server/samr/srv_samr_chgpasswd.c:496(chat_with_program)
  chat_with_program: Password change successful for user testuser
[2013/09/25 23:37:50.387011, 4] smbd/sec_ctx.c:214(push_sec_ctx)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3
[2013/09/25 23:37:50.387092, 4] smbd/uid.c:460(push_conn_ctx)
  push_conn_ctx(102) : conn_ctx_stack_ndx = 1
[2013/09/25 23:37:50.387153, 4] smbd/sec_ctx.c:314(set_sec_ctx)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3
[2013/09/25 23:37:50.387213, 5] ../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2013/09/25 23:37:50.387291, 5] auth/token_util.c:527(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2013/09/25 23:37:50.387434, 4] smbd/sec_ctx.c:422(pop_sec_ctx)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2
[2013/09/25 23:37:50.387533, 4] passdb/pdb_ldap.c:1997(ldapsam_update_sam_account)
  ldapsam_update_sam_account: user testuser to be modified has dn: cn=Test User,ou=Users,ou=Accounts,dc=daveloper,dc=net
[2013/09/25 23:37:50.387600, 2] passdb/pdb_ldap.c:1180(init_ldap_from_sam)
  init_ldap_from_sam: Setting entry for user: testuser
[2013/09/25 23:37:50.387667, 4] smbd/sec_ctx.c:214(push_sec_ctx)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3
[2013/09/25 23:37:50.387728, 4] smbd/uid.c:460(push_conn_ctx)
  push_conn_ctx(102) : conn_ctx_stack_ndx = 1
[2013/09/25 23:37:50.387788, 4] smbd/sec_ctx.c:314(set_sec_ctx)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3
[2013/09/25 23:37:50.387849, 5] ../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2013/09/25 23:37:50.387908, 5] auth/token_util.c:527(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2013/09/25 23:37:50.388019, 4] smbd/sec_ctx.c:422(pop_sec_ctx)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2
[2013/09/25 23:37:50.388094, 10] lib/smbldap.c:274(smbldap_get_single_attribute)
  smbldap_get_single_attribute: [sambaLMPassword] = [<does not exist>]
[2013/09/25 23:37:50.388171, 10] lib/smbldap.c:682(smbldap_make_mod_internal)
smbldap_make_mod: deleting attribute |sambaNTPassword| values |9BEC6D3FF69894218A7265152A896CE1|
[2013/09/25 23:37:50.388236, 10] lib/smbldap.c:698(smbldap_make_mod_internal)
  smbldap_make_mod: adding attribute |sambaNTPassword| value |E4A96A8E11203C887A6543549B9DC87F|
[2013/09/25 23:37:50.388323, 4] smbd/sec_ctx.c:214(push_sec_ctx)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3
[2013/09/25 23:37:50.388385, 4] smbd/uid.c:460(push_conn_ctx)
  push_conn_ctx(102) : conn_ctx_stack_ndx = 1
[2013/09/25 23:37:50.388445, 4] smbd/sec_ctx.c:314(set_sec_ctx)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3
[2013/09/25 23:37:50.388506, 5] ../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2013/09/25 23:37:50.388566, 5] auth/token_util.c:527(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2013/09/25 23:37:50.388676, 4] smbd/sec_ctx.c:422(pop_sec_ctx)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2
[2013/09/25 23:37:50.388805, 10] lib/smbldap.c:274(smbldap_get_single_attribute)
  smbldap_get_single_attribute: [sambaPasswordHistory] = [<does not exist>]
[2013/09/25 23:37:50.388866, 10] lib/smbldap.c:698(smbldap_make_mod_internal)
  smbldap_make_mod: adding attribute |sambaPasswordHistory| value |00000000000000000000000000000000E4A96A8E11203C887A6543549B9DC87F0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000|
[2013/09/25 23:37:50.388949, 10] lib/smbldap.c:682(smbldap_make_mod_internal)
  smbldap_make_mod: deleting attribute |sambaPwdLastSet| values |1380171167|
[2013/09/25 23:37:50.389015, 10] lib/smbldap.c:698(smbldap_make_mod_internal)
  smbldap_make_mod: adding attribute |sambaPwdLastSet| value |1380173870|
[2013/09/25 23:37:50.389083, 5] lib/smbldap.c:1636(smbldap_modify)
  smbldap_modify: dn => [cn=Test User,ou=Users,ou=Accounts,dc=daveloper,dc=net]
[2013/09/25 23:37:50.389614, 10] lib/smbldap.c:1656(smbldap_modify)
  Failed to modify dn: cn=Test User,ou=Users,ou=Accounts,dc=daveloper,dc=net, error: 16 (No such attribute) (modify/delete: sambaNTPassword: no such value)
[2013/09/25 23:37:50.389746, 4] smbd/sec_ctx.c:422(pop_sec_ctx)
  pop_sec_ctx (353, 63000) - sec_ctx_stack_ndx = 1
[2013/09/25 23:37:50.389822, 5] rpc_server/samr/srv_samr_nt.c:1862(_samr_ChangePasswordUser2)
  _samr_ChangePasswordUser2: 1862
[2013/09/25 23:37:50.389884, 1] ../librpc/ndr/ndr.c:284(ndr_print_function_debug)
       samr_ChangePasswordUser2: struct samr_ChangePasswordUser2
          out: struct samr_ChangePasswordUser2
              result : NT_STATUS_UNSUCCESSFUL
[2013/09/25 23:37:50.390021, 5] rpc_server/srv_pipe.c:1679(api_rpcTNP)
  api_rpcTNP: called \samr successfully
[2013/09/25 23:37:50.390110, 4] smbd/sec_ctx.c:422(pop_sec_ctx)
  pop_sec_ctx (353, 63000) - sec_ctx_stack_ndx = 0
[2013/09/25 23:37:50.390177, 10] rpc_server/srv_pipe_hnd.c:247(write_to_internal_pipe)
  write_to_pipe: data_used = 1200

Sitemap

Foundation

Company

Partners

Purchase

Contact Us