Created attachment 18237 [details] Smbpasswd fail to change local UNIX user password (ZTEST) when samba role is DC My case : Local UNIX user : ZTEST domain user : UUQ\ztest smb.conf for standalone samba : /home/hywu/smb.conf [/home/hywu] # cat /home/hywu/smb.conf [global] passdb backend = smbpasswd workgroup = WORKGROUP security=user Smbpasswd fail to change local UNIX user password (ZTEST) when samba role is DC as attached picture. I checked samba code then I found the problem is order of gerpwnam call in Get_Pwnam_internals(). Lowercase first order will get domain user (UUQ/ztest) but local account(ZTEST). local_password_change() pdb_getsampwnam() smbpasswd_getsampwnam() build_sam_account() Get_Pwnam_alloc() Get_Pwnam_internals() getpwnam_alloc_cached() getpwnam() (nss_winbinadd) winbindd_getpwnam_send() parse_domain_user() assume_domain() When samba role is DC , "winbind use default domain" does not work in assume_domain(). Then getpwnam() get domain user. I have checked the following list and commit https://lists.samba.org/archive/samba-technical/2008-March/058508.html https://git.samba.org/?p=samba.git;a=commitdiff;h=ea4a0d509ef70e91baedc5eebf4f4bcff10dac96 Why the order of getpwnam call in Get_Pwnam_internals() change from original name first to lowercase first?
(In reply to HY Wu from comment #0) You appear to have a severely borked Samba AD DC, from your image (please do not post images of a terminal, cut & paste the data into a file instead) there is this: UUQ\ztest:*:3000013:100::/home/UUQ/ztest:/bin/false You only get IDs in the '3000000' range on a Samba AD DC and the users should not be in /etc/passwd. On a DC, local Unix users are just that, local and as such, are unknown to Samba. I think you need to come and discuss this on the samba mailing list. If you are not registered for the list, then go here: https://lists.samba.org/mailman/listinfo/samba Register and then ask for advice there.
Closing this, after a discussion on the samba mailing list, it appears the bug reporter has a misconfigured AD DC.