Bug 430105
Summary: | smbldap-passwd fails on samba-only user | ||||||
---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | John Holmstadt <rhbz001> | ||||
Component: | smbldap-tools | Assignee: | Paul Howarth <paul> | ||||
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
Severity: | high | Docs Contact: | |||||
Priority: | low | ||||||
Version: | 8 | CC: | roth | ||||
Target Milestone: | --- | ||||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | 0.9.5-2.fc8 | Doc Type: | Bug Fix | ||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2008-07-30 22:26:54 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Description
John Holmstadt
2008-01-24 15:28:44 UTC
Correction: userPassword is in the samba schema, however shadowLastChange and shadowMax are not. Additionally, here is the LDIF export of the applicable jdoe user account that was created using: smbldap-useradd -a -m -c "John Doe" -P jdoe dn: uid=jdoe,ou=People,dc=mydomain,dc=com objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount objectClass: shadowAccount objectClass: sambaSamAccount cn: jdoe sn: jdoe givenName: jdoe uid: jdoe uidNumber: 8199 gidNumber: 513 homeDirectory: /var/resource/users/jdoe loginShell: /bin/bash gecos: John Doe userPassword: {crypt}x sambaLogonTime: 0 sambaLogoffTime: 2147483647 sambaKickoffTime: 2147483647 sambaPwdCanChange: 0 displayName: jdoe sambaSID: S-1-5-21-2828578859-3132521847-1089271054-17398 sambaPrimaryGroupSID: S-1-5-21-2828578859-3132521847-1089271054-513 sambaLogonScript: jdoe.bat sambaHomeDrive: H: sambaAcctFlags: [U] sambaPwdMustChange: 1516489003 sambaLMPassword: (crypt) sambaNTPassword: (crypt) sambaPwdLastSet: 1201187794 Created attachment 306274 [details]
Patch for smbldap-passwd on smbldap-tools-0.9.4-1.fc8
Ok. Seems as though the problem revolves around smbldap-passwd trying to set
shadowMax when no defaultMaxPasswordAge has been set in smbldap.conf. I have
attached a simple patch which seems to resolve the issue without any
side-effects.
Quick query here: if you're not using the nis schema, how are you getting an "objectClass: shadowAccount" in Comment #1? (In reply to comment #3) > Quick query here: if you're not using the nis schema, how are you getting an > "objectClass: shadowAccount" in Comment #1? Sorry. That was incorrect. Somehow I missed the nis.schema include line in my slapd.conf, which obviously has shadowMax. So my bug subject is inaccurate, however the problem is still relevant. The new description should probably be "smbldap-passwd tries to set shadowMax even though defaultMaxPasswordAge is not defined". Does my patch make sense? Thanks! An almost identical patch has already been applied upstream in version 0.9.5. See: https://gna.org/bugs/?10230 I've put together some packages for various Fedora releases at: http://www.city-fan.org/ftp/contrib/sysutils/ The packages there are basically the same as the one I've just built for Rawhide. If they seem OK, I'll push them as updates for F8 and F-9. smbldap-tools-0.9.5-2.fc8 has been submitted as an update for Fedora 8 smbldap-tools-0.9.5-2.fc8 has been pushed to the Fedora 8 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update smbldap-tools'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F8/FEDORA-2008-6199 This update is now in the main Fedora 8 updates repository. |