Bug 5112 - user manager "Access Denied"
Summary: user manager "Access Denied"
Status: RESOLVED FIXED
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: User/Group Accounts (show other bugs)
Version: 3.0.27
Hardware: x86 Windows XP
: P3 normal
Target Milestone: none
Assignee: Samba Bugzilla Account
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2007-11-28 03:16 UTC by Andriashyk
Modified: 2018-05-07 13:41 UTC (History)
0 users

See Also:

Attachments
log (85.60 KB, application/zip)
2007-11-29 03:37 UTC, Andriashyk 		no flags Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Andriashyk 2007-11-28 03:16:13 UTC 
After an update fedora 6 -> fedora 8
with samba 3.026a, 3.027, 3.027a

when using the , (usrmgr.exe) the following occurs:

1.can display user properties with no problem. when trying to change the
"Password" field of a user, windows said "Access Denied".

var/log/secure:
Nov 28 11:03:50 atlant smbd[20086]: pam_cracklib(samba:chauthtok): conversation failed

2.when trying to add a new user: windows said "Access Denied".

var/log/secure:
Nov 28 10:52:37 atlant useradd[19834]: new user: name=wq111111111, UID=668, GID=100, home=/home/wq111111111, shell=/bin/bash
Nov 28 10:52:37 atlant smbd[19817]: pam_cracklib(samba:chauthtok): conversation failed
Nov 28 10:52:37 atlant smbd[19817]:last message repeated 2 times
Nov 28 10:52:37 atlant userdel[19839]: delete user `wq111111111'
Comment 1 Volker Lendecke 2007-11-28 13:31:23 UTC 
Please upload your smb.conf and a full debug level 10 log of the smbd that fails.

Volker
Comment 2 Andriashyk 2007-11-29 03:04:09 UTC 
[global]
	dos charset = CP866
	display charset = UTF-8
        unix charset = UTF-8
        short preserve case = yes
	workgroup = usico
	netbios name = Atlant
	interfaces = lo eth1
	bind interfaces only = Yes
	passdb backend = tdbsam
	hosts allow = 127. 192.168.254.

debug level = 10
log file = /var/log/samba/%m.log
max log size = 500

#        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
         socket options = TCP_NODELAY IPTOS_LOWDELAY IPTOS_THROUGHPUT SO_KEEPALIVE SO_RCVBUF=8192 SO_SNDBUF=8192
#        
	add user script = /usr/sbin/useradd -m -g users %u
	delete user script = /usr/sbin/userdel -r %u
	add group script = /usr/sbin/groupadd %g
	delete group script = /usr/sbin/groupdel %g
#	add user to group script = /usr/sbin/usermod -G %g %u
	add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null  -g machines %u

        add user to group script = /usr/bin/gpasswd -a %u %g
        delete user from group script = /usr/bin/gpasswd -d %u %g

        #add machine script = /usr/sbin/useradd -g nt_workstations -s /bin/false -d /dev/null %u
        set primary group script = /usr/sbin/usermod -g %g %u

	logon path = 
	logon home = 
	logon drive = H:
	domain logons = Yes
	os level = 45
	preferred master = Yes
	domain master = Yes
	wins support = Yes
	ldap ssl = no
	idmap uid = 15000-20000
	idmap gid = 15000-20000
	admin users = root borsch
	encrypt passwords = yes
	guest ok = yes
#	guest account = user
	username map = /etc/samba/smbusers
	server string = UOSK-PDC
	security = user
        pam password change = Yes
        passwd program = /usr/bin/passwd %u
        passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*
        unix password sync = Yes
        delete veto files = Yes
        hide dot files = Yes
#
[homes]
	comment = Home Directories
        	browseable = no
	writeable = yes
                veto files = /*.eml/*.nws/*.rar/*.pif/*.bat/*.scr/*.*.exe/*.exe
#
[shares]
	comment = Shares 
	path = /var/smbres
        read only = No
	writeable = yes
	browseable = yes
	guest ok = yes
#
veto files = *.scr/desktop.ini/*.pif/*.exe
force create mode = 0664
force directory mode = 0775
veto oplock files = /*.LCK/*.lck/*.MD/*.md/*.cdx/*.CDX/*.dbf/*.DBF/
oplock contention limit = 1
vfs objects = recycle  
#
recycle:exclude_dir = /tmp
recycle:exclude = *.tmp *.TMP *.tbi *.temp ~$* *.~??
recycle:noversions = *.doc|*.xls|*.ppt
recycle:maxsize = 100000
recycle:version = Yes
recycle:touch = Yes
recycle:keeptree = Yes
recycle:repository = Корзина
#
...................................

2007/11/29 10:52:32, 0] smbd/server.c:main(944)
  smbd version 3.0.27a-0.fc8 started.
  Copyright Andrew Tridgell and the Samba Team 1992-2007
[2007/11/29 10:52:32, 5] lib/debug.c:debug_dump_status(391)
  INFO: Current debug levels:
    all: True/10
    tdb: False/0
    printdrivers: False/0
    lanman: False/0
    smb: False/0
    rpc_parse: False/0
    rpc_srv: False/0
    rpc_cli: False/0
    passdb: False/0
    sam: False/0
    auth: False/0
    winbind: False/0
    vfs: False/0
    idmap: False/0
    quota: False/0
    acls: False/0
    locking: False/0
    msdfs: False/0
    dmapi: False/0
  doing parameter log file = /var/log/samba/%m.log
  doing parameter max log size = 500
  doing parameter socket options = TCP_NODELAY IPTOS_LOWDELAY IPTOS_THROUGHPUT SO_KEEPALIVE SO_RCVBUF=8192 SO_SNDBUF=8192
  doing parameter add user script = /usr/sbin/useradd -m -g users %u
  doing parameter delete user script = /usr/sbin/userdel -r %u
  doing parameter add group script = /usr/sbin/groupadd %g
  doing parameter delete group script = /usr/sbin/groupdel %g
  doing parameter add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null  -g machines %u
  doing parameter add user to group script = /usr/bin/gpasswd -a %u %g
  doing parameter delete user from group script = /usr/bin/gpasswd -d %u %g
  doing parameter set primary group script = /usr/sbin/usermod -g %g %u
  doing parameter logon path = 
  doing parameter logon home = 
  doing parameter logon drive = H:
  doing parameter domain logons = Yes
  doing parameter os level = 45
  doing parameter preferred master = Yes
  doing parameter domain master = Yes
  doing parameter wins support = Yes
  doing parameter ldap ssl = no
  doing parameter idmap uid = 15000-20000
  doing parameter idmap gid = 15000-20000
  doing parameter admin users = root borsch
  doing parameter encrypt passwords = yes
  doing parameter guest ok = yes
  doing parameter username map = /etc/samba/smbusers
  doing parameter server string = UOSK-PDC
  doing parameter security = user
  doing parameter pam password change = Yes
  doing parameter passwd program = /usr/bin/passwd %u
  doing parameter passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*
  doing parameter unix password sync = Yes
  doing parameter delete veto files = Yes
  doing parameter hide dot files = Yes
[2007/11/29 10:52:32, 2] param/loadparm.c:do_section(3796)
  Processing section "[homes]"
[2007/11/29 10:52:32, 8] param/loadparm.c:add_a_service(2577)
  add_a_service: Creating snum = 0 for homes
[2007/11/29 10:52:32, 10] param/loadparm.c:hash_a_service(2614)
  hash_a_service: creating tdb servicehash
[2007/11/29 10:52:32, 10] param/loadparm.c:hash_a_service(2624)
  hash_a_service: hashing index 0 for service name homes
  doing parameter comment = Home Directories
  doing parameter browseable = no
  doing parameter writeable = yes
  doing parameter veto files = /*.eml/*.nws/*.rar/*.pif/*.bat/*.scr/*.*.exe/*.exe
[2007/11/29 10:52:32, 2] param/loadparm.c:do_section(3796)
  Processing section "[shares]"
[2007/11/29 10:52:32, 8] param/loadparm.c:add_a_service(2577)
  add_a_service: Creating snum = 1 for shares
[2007/11/29 10:52:32, 10] param/loadparm.c:hash_a_service(2624)
  hash_a_service: hashing index 1 for service name shares
  doing parameter comment = Shares (ÐÐ»Ñ Ð²Ñеменного ÑÑÐ°Ð½ÐµÐ½Ð¸Ñ Ð¸Ð½ÑоÑмаÑии)
  doing parameter path = /var/smbres
  doing parameter read only = No
  doing parameter writeable = yes
  doing parameter browseable = yes
  doing parameter guest ok = yes
  doing parameter veto files = *.scr/desktop.ini/*.pif/*.exe
  doing parameter force create mode = 0664
  doing parameter force directory mode = 0775
  doing parameter veto oplock files = /*.LCK/*.lck/*.MD/*.md/*.cdx/*.CDX/*.dbf/*.DBF/
  doing parameter oplock contention limit = 1
  doing parameter vfs objects = recycle
  doing parameter recycle:exclude_dir = /tmp
  doing parameter recycle:exclude = *.tmp *.TMP *.tbi *.temp ~$* *.~??
  doing parameter recycle:noversions = *.doc|*.xls|*.ppt
  doing parameter recycle:maxsize = 100000
  doing parameter recycle:version = Yes
  doing parameter recycle:touch = Yes
  doing parameter recycle:keeptree = Yes
  doing parameter recycle:repository = ÐоÑзина
[2007/11/29 10:52:32, 3] lib/charcnv.c:convert_string_internal(254)
  E2BIG: convert_string(UTF-8,UTF-16LE): srclen=6395 destlen=2048 - 'ÐеÑеÑÑÑаÑование]
  	comment = ÐбÑий ÑеÑÑÑÑ ÑпÑÐ°Ð²Ð»ÐµÐ½Ð¸Ñ Ð¿ÐµÑеÑÑÑаÑованиÑ
  	path = /var/resurs/ÐеÑеÑÑÑаÑование
  #	browseable = No
  	browseable = yes
     	public = No
  #   	read list = @nt_reins
  	writable = yes
  	printable = no
  	valid users = @nt_reins @nt_admin
  	write list = @nt_reins @nt_admin
  	create mask = 0777
  	directory mask = 0777
  #
  veto files = *.scr/desktop.ini/*.pif/*.exe
  vfs objects = recycle  
  recycle:exclude_dir = /tmp
  recycle:exclude = *.tmp *.TMP *.tbi *.temp ~$* *.~??
  recycle:noversions = *.doc|*.xls|*.ppt
  recycle:maxsize = 100000
  recycle:version = Yes
  recycle:touch = Yes
  recycle:keeptree = Yes
  recycle:repository = ÐоÑзина
  #
  [ÐеÑодологиÑ]
  	comment = ÐеÑодологиÑ
  	path = /var/resurs/ÐеÑодологиÑ
     	public = no
  	browseable = yes
  	writable = yes
  	printable = no
  	valid users = @nt_metolog @nt_admin
  	write list = @nt_metolog @nt_admin
  	creaProcessing section "[ÐеÑеÑÑÑаÑование]"
[2007/11/29 10:52:32, 8] param/loadparm.c:add_a_service(2577)
  add_a_service: Creating snum = 2 for ÐеÑеÑÑÑаÑование
[2007/11/29 10:52:32, 10] param/loadparm.c:hash_a_service(2624)
  hash_a_service: hashing index 2 for service name ÐеÑеÑÑÑаÑование
  doing parameter comment = ÐбÑий ÑеÑÑÑÑ ÑпÑÐ°Ð²Ð»ÐµÐ½Ð¸Ñ Ð¿ÐµÑеÑÑÑаÑованиÑ
  doing parameter path = /var/resurs/ÐеÑеÑÑÑаÑование
  doing parameter browseable = yes
  doing parameter public = No
  doing parameter writable = yes
  doing parameter printable = no
  doing parameter valid users = @nt_reins @nt_admin
  doing parameter write list = @nt_reins @nt_admin
  doing parameter create mask = 0777
  doing parameter directory mask = 0777
  doing parameter veto files = *.scr/desktop.ini/*.pif/*.exe
  doing parameter vfs objects = recycle
  doing parameter recycle:exclude_dir = /tmp
  doing parameter recycle:exclude = *.tmp *.TMP *.tbi *.temp ~$* *.~??
  doing parameter recycle:noversions = *.doc|*.xls|*.ppt
  doing parameter recycle:maxsize = 100000
  doing parameter recycle:version = Yes
  doing parameter recycle:touch = Yes
  doing parameter recycle:keeptree = Yes
  doing parameter recycle:repository = ÐоÑзина
[2007/11/29 10:52:32, 3] lib/charcnv.c:convert_string_internal(254)
  E2BIG: convert_string(UTF-8,UTF-16LE): srclen=5685 destlen=2048 - 'ÐеÑодологиÑ]
  	comment = ÐеÑодологиÑ
  	path = /var/resurs/ÐеÑодологиÑ
     	public = no
  	browseable = yes
  	writable = yes
  	printable = no
  	valid users = @nt_metolog @nt_admin
  	write list = @nt_metolog @nt_admin
  	create mask = 0777
  	directory mask = 0777
  #
  veto files = *.scr/desktop.ini/*.pif/*.exe
  vfs objects = recycle  
  recycle:exclude_dir = /tmp
  recycle:exclude = *.tmp *.TMP *.tbi *.temp ~$* *.~??
  recycle:noversions = *.doc|*.xls|*.ppt
  recycle:maxsize = 100000
  recycle:version = Yes
  recycle:touch = Yes
  recycle:keeptree = Yes
  recycle:repository = ÐоÑзина
  
  [ЭÑалонÑ]
  	comment = ЭÑалонÑ
  	path = /var/resurs/ЭÑÐ°Ð»Ð¾Ð½Ñ ÑÑандаÑÑ
     	public = no
  	browseable = yes
  	writable = no
  	printable = no
  	valid users = @nt_metolog @nt_user @nt_admin
  	write list = @nt_metolog @nt_admin
  	create mask = 0777
  	directory mask = 0777
  #
  veto files = *.scr/desktop.ini/*.pif/*.exe
  vfs objects = recycle  
  recProcessing section "[ÐеÑодологиÑ]"
[2007/11/29 10:52:32, 8] param/loadparm.c:add_a_service(2577)
  add_a_service: Creating snum = 3 for ÐеÑодологиÑ
[2007/11/29 10:52:32, 10] param/loadparm.c:hash_a_service(2624)
  hash_a_service: hashing index 3 for service name ÐеÑодологиÑ
  doing parameter comment = ÐеÑодологиÑ
  doing parameter path = /var/resurs/ÐеÑодологиÑ
  doing parameter public = no
  doing parameter browseable = yes
  doing parameter writable = yes
  doing parameter printable = no
  doing parameter valid users = @nt_metolog @nt_admin
  doing parameter write list = @nt_metolog @nt_admin
  doing parameter create mask = 0777
  doing parameter directory mask = 0777
  doing parameter veto files = *.scr/desktop.ini/*.pif/*.exe
  doing parameter vfs objects = recycle
  doing parameter recycle:exclude_dir = /tmp
  doing parameter recycle:exclude = *.tmp *.TMP *.tbi *.temp ~$* *.~??
  doing parameter recycle:noversions = *.doc|*.xls|*.ppt
  doing parameter recycle:maxsize = 100000
  doing parameter recycle:version = Yes
  doing parameter recycle:touch = Yes
  doing parameter recycle:keeptree = Yes
  doing parameter recycle:repository = ÐоÑзина
[2007/11/29 10:52:32, 3] lib/charcnv.c:convert_string_internal(254)
  E2BIG: convert_string(UTF-8,UTF-16LE): srclen=5086 destlen=2048 - 'ЭÑалонÑ]
  	comment = ЭÑалонÑ
  	path = /var/resurs/ЭÑÐ°Ð»Ð¾Ð½Ñ ÑÑандаÑÑ
     	public = no
  	browseable = yes
  	writable = no
  	printable = no
  	valid users = @nt_metolog @nt_user @nt_admin
  	write list = @nt_metolog @nt_admin
  	create mask = 0777
  	directory mask = 0777
  #
  veto files = *.scr/desktop.ini/*.pif/*.exe
  vfs objects = recycle  
  recycle:exclude_dir = /tmp
  recycle:exclude = *.tmp *.TMP *.tbi *.temp ~$* *.~??
  recycle:noversions = *.doc|*.xls|*.ppt
  recycle:maxsize = 100000
  recycle:version = Yes
  recycle:touch = Yes
  recycle:keeptree = Yes
  recycle:repository = ÐоÑзина
  
  #[ЭÑÐ°Ð»Ð¾Ð½Ñ ÑкÑклÑзив]
  #	comment = ЭÑÐ°Ð»Ð¾Ð½Ñ ÑкÑклÑзив
  #	path = /var/resurs/ЭÑÐ°Ð»Ð¾Ð½Ñ ÑкÑклÑзив
  #   	public = no
  #	browseable = yes
  #	writable = no
  #	printable = no
  #	valid users = @nt_metolog @nt_excl @nt_admin
  #	write list = @nt_metolog @nt_admin
  #	create mask = 0777
  #	directory mask = 0777
  #
  [Soft]
  	comment = Processing section "[ЭÑалонÑ]"
[2007/11/29 10:52:32, 8] param/loadparm.c:add_a_service(2577)
  add_a_service: Creating snum = 4 for ЭÑалонÑ
[2007/11/29 10:52:32, 10] param/loadparm.c:hash_a_service(2624)
  hash_a_service: hashing index 4 for service name ЭÑалонÑ
  doing parameter comment = ЭÑалонÑ
  doing parameter path = /var/resurs/ЭÑÐ°Ð»Ð¾Ð½Ñ ÑÑандаÑÑ
  doing parameter public = no
  doing parameter browseable = yes
  doing parameter writable = no
  doing parameter printable = no
  doing parameter valid users = @nt_metolog @nt_user @nt_admin
  doing parameter write list = @nt_metolog @nt_admin
  doing parameter create mask = 0777
  doing parameter directory mask = 0777
  doing parameter veto files = *.scr/desktop.ini/*.pif/*.exe
  doing parameter vfs objects = recycle
  doing parameter recycle:exclude_dir = /tmp
  doing parameter recycle:exclude = *.tmp *.TMP *.tbi *.temp ~$* *.~??
  doing parameter recycle:noversions = *.doc|*.xls|*.ppt
  doing parameter recycle:maxsize = 100000
  doing parameter recycle:version = Yes
  doing parameter recycle:touch = Yes
  doing parameter recycle:keeptree = Yes
  doing parameter recycle:repository = ÐоÑзина
[2007/11/29 10:52:32, 2] param/loadparm.c:do_section(3796)
  Processing section "[Soft]"
[2007/11/29 10:52:32, 8] param/loadparm.c:add_a_service(2577)
  add_a_service: Creating snum = 5 for Soft
[2007/11/29 10:52:32, 10] param/loadparm.c:hash_a_service(2624)
  hash_a_service: hashing index 5 for service name Soft
  doing parameter comment = Software
  doing parameter path = /var/resurs/soft
  doing parameter public = yes
  doing parameter writable = no
  doing parameter printable = no
  doing parameter guest ok = yes
  doing parameter write list = @nt_admin
  doing parameter create mask = 0777
  doing parameter directory mask = 0777
  doing parameter veto files = *.scr/desktop.ini/*.pif
[2007/11/29 10:52:32, 3] lib/charcnv.c:convert_string_internal(254)
  E2BIG: convert_string(UTF-8,UTF-16LE): srclen=3911 destlen=2048 - 'ЮÑидиÑеÑÐºÐ°Ñ ÑлÑжба]
  	comment = ЮÑидиÑеÑÐºÐ°Ñ ÑлÑжба
  	path = /var/resurs/ЮÑидиÑеÑÐºÐ°Ñ ÑлÑжба
     	public = no
  	browseable = yes
  	writable = no
  	printable = no
  	valid users = @nt_pravo @nt_admin
  	write list = @nt_pravo @nt_admin
  	create mask = 0777
  	directory mask = 0777
  #
  veto files = *.scr/desktop.ini/*.pif/*.exe
  vfs objects = recycle  
  recycle:exclude_dir = /tmp
  recycle:exclude = *.tmp *.TMP *.tbi *.temp ~$* *.~??
  recycle:noversions = *.doc|*.xls|*.ppt
  recycle:maxsize = 100000
  recycle:version = Yes
  recycle:touch = Yes
  recycle:keeptree = Yes
  recycle:repository = ÐоÑзина
  #
  [ÐÑÑгалÑеÑиÑ]
  	comment = ÐÑÑгалÑеÑиÑ
  	path = /var/resurs/ÐÑÑгалÑеÑиÑ
     	public = no
  	browseable = yes
  	writable = no
  	printable = no
  	valid users = @accountant @nt_admin
  	write list = @accountant @nt_admin
  	create mask = 0777
  	directory mask = 0777
  #
  #veto files = *.scr/desktop.ini/*.pifProcessing section "[ЮÑидиÑеÑÐºÐ°Ñ ÑлÑжба]"
[2007/11/29 10:52:32, 8] param/loadparm.c:add_a_service(2577)
  add_a_service: Creating snum = 6 for ЮÑидиÑеÑÐºÐ°Ñ ÑлÑжба
[2007/11/29 10:52:32, 10] param/loadparm.c:hash_a_service(2624)
  hash_a_service: hashing index 6 for service name ЮÑидиÑеÑÐºÐ°Ñ ÑлÑжба
  doing parameter comment = ЮÑидиÑеÑÐºÐ°Ñ ÑлÑжба
  doing parameter path = /var/resurs/ЮÑидиÑеÑÐºÐ°Ñ ÑлÑжба
  doing parameter public = no
  doing parameter browseable = yes
  doing parameter writable = no
  doing parameter printable = no
  doing parameter valid users = @nt_pravo @nt_admin
  doing parameter write list = @nt_pravo @nt_admin
  doing parameter create mask = 0777
  doing parameter directory mask = 0777
  doing parameter veto files = *.scr/desktop.ini/*.pif/*.exe
  doing parameter vfs objects = recycle
  doing parameter recycle:exclude_dir = /tmp
  doing parameter recycle:exclude = *.tmp *.TMP *.tbi *.temp ~$* *.~??
  doing parameter recycle:noversions = *.doc|*.xls|*.ppt
  doing parameter recycle:maxsize = 100000
  doing parameter recycle:version = Yes
  doing parameter recycle:touch = Yes
  doing parameter recycle:keeptree = Yes
  doing parameter recycle:repository = ÐоÑзина
[2007/11/29 10:52:32, 3] lib/charcnv.c:convert_string_internal(254)
  E2BIG: convert_string(UTF-8,UTF-16LE): srclen=3277 destlen=2048 - 'ÐÑÑгалÑеÑиÑ]
  	comment = ÐÑÑгалÑеÑиÑ
  	path = /var/resurs/ÐÑÑгалÑеÑиÑ
     	public = no
  	browseable = yes
  	writable = no
  	printable = no
  	valid users = @accountant @nt_admin
  	write list = @accountant @nt_admin
  	create mask = 0777
  	directory mask = 0777
  #
  #veto files = *.scr/desktop.ini/*.pif
  vfs objects = recycle  
  recycle:exclude_dir = /tmp
  recycle:exclude = *.tmp *.TMP *.tbi *.temp ~$* *.~??
  recycle:noversions = *.doc|*.xls|*.ppt
  recycle:maxsize = 100000
  recycle:version = Yes
  recycle:touch = Yes
  recycle:keeptree = Yes
  recycle:repository = ÐоÑзина
  #
  [УÑегÑлиÑование]
  	comment = УÑегÑлиÑование ÑÑеÑбов
  	path = /var/resurs/УÑегÑлиÑование
     	public = no
  	browseable = yes
  	writable = no
  	printable = no
  	valid users = @nt_ureg @nt_admin
  	write list = @nt_ureg @nt_admin
  	create mask = 0777
  	directory mask = 0777
  #
  veto files = *.scr/desktop.ini/*.pif/*.exe
  vfs objProcessing section "[ÐÑÑгалÑеÑиÑ]"
[2007/11/29 10:52:32, 8] param/loadparm.c:add_a_service(2577)
  add_a_service: Creating snum = 7 for ÐÑÑгалÑеÑиÑ
[2007/11/29 10:52:32, 10] param/loadparm.c:hash_a_service(2624)
  hash_a_service: hashing index 7 for service name ÐÑÑгалÑеÑиÑ
  doing parameter comment = ÐÑÑгалÑеÑиÑ
  doing parameter path = /var/resurs/ÐÑÑгалÑеÑиÑ
  doing parameter public = no
  doing parameter browseable = yes
  doing parameter writable = no
  doing parameter printable = no
  doing parameter valid users = @accountant @nt_admin
  doing parameter write list = @accountant @nt_admin
  doing parameter create mask = 0777
  doing parameter directory mask = 0777
  doing parameter vfs objects = recycle
  doing parameter recycle:exclude_dir = /tmp
  doing parameter recycle:exclude = *.tmp *.TMP *.tbi *.temp ~$* *.~??
  doing parameter recycle:noversions = *.doc|*.xls|*.ppt
  doing parameter recycle:maxsize = 100000
  doing parameter recycle:version = Yes
  doing parameter recycle:touch = Yes
  doing parameter recycle:keeptree = Yes
  doing parameter recycle:repository = ÐоÑзина
[2007/11/29 10:52:32, 3] lib/charcnv.c:convert_string_internal(254)
  E2BIG: convert_string(UTF-8,UTF-16LE): srclen=2683 destlen=2048 - 'УÑегÑлиÑование]
  	comment = УÑегÑлиÑование ÑÑеÑбов
  	path = /var/resurs/УÑегÑлиÑование
     	public = no
  	browseable = yes
  	writable = no
  	printable = no
  	valid users = @nt_ureg @nt_admin
  	write list = @nt_ureg @nt_admin
  	create mask = 0777
  	directory mask = 0777
  #
  veto files = *.scr/desktop.ini/*.pif/*.exe
  vfs objects = recycle  
  recycle:exclude_dir = /tmp
  recycle:exclude = *.tmp *.TMP *.tbi *.temp ~$* *.~??
  recycle:noversions = *.doc|*.xls|*.ppt
  recycle:maxsize = 100000
  recycle:version = Yes
  recycle:touch = Yes
  recycle:keeptree = Yes
  recycle:repository = ÐоÑзина
  #
  [СÑÑаÑование ÑобÑÑвенноÑÑи]
  	comment = СÑÑаÑование
  	path = /var/resurs/СÑÑаÑование ÑобÑÑвенноÑÑи
     	public = no
  	browseable = yes
  	writable = no
  	printable = no
  	valid users = @nt_user @nt_admin
  	write list = @nt_user @nt_admin
  	create mask = 0777
  	directory mask = 0777Processing section "[УÑегÑлиÑование]"
[2007/11/29 10:52:32, 8] param/loadparm.c:add_a_service(2577)
  add_a_service: Creating snum = 8 for УÑегÑлиÑование
[2007/11/29 10:52:32, 10] param/loadparm.c:hash_a_service(2624)
  hash_a_service: hashing index 8 for service name УÑегÑлиÑование
  doing parameter comment = УÑегÑлиÑование ÑÑеÑбов
  doing parameter path = /var/resurs/УÑегÑлиÑование
  doing parameter public = no
  doing parameter browseable = yes
  doing parameter writable = no
  doing parameter printable = no
  doing parameter valid users = @nt_ureg @nt_admin
  doing parameter write list = @nt_ureg @nt_admin
  doing parameter create mask = 0777
  doing parameter directory mask = 0777
  doing parameter veto files = *.scr/desktop.ini/*.pif/*.exe
  doing parameter vfs objects = recycle
  doing parameter recycle:exclude_dir = /tmp
  doing parameter recycle:exclude = *.tmp *.TMP *.tbi *.temp ~$* *.~??
  doing parameter recycle:noversions = *.doc|*.xls|*.ppt
  doing parameter recycle:maxsize = 100000
  doing parameter recycle:version = Yes
  doing parameter recycle:touch = Yes
  doing parameter recycle:keeptree = Yes
  doing parameter recycle:repository = ÐоÑзина
[2007/11/29 10:52:32, 3] lib/charcnv.c:convert_string_internal(254)
  E2BIG: convert_string(UTF-8,UTF-16LE): srclen=2057 destlen=2048 - 'СÑÑаÑование ÑобÑÑвенноÑÑи]
  	comment = СÑÑаÑование
  	path = /var/resurs/СÑÑаÑование ÑобÑÑвенноÑÑи
     	public = no
  	browseable = yes
  	writable = no
  	printable = no
  	valid users = @nt_user @nt_admin
  	write list = @nt_user @nt_admin
  	create mask = 0777
  	directory mask = 0777
  #
  veto files = *.scr/desktop.ini/*.pif/*.exe
  vfs objects = recycle  
  recycle:exclude_dir = /tmp
  recycle:exclude = *.tmp *.TMP *.tbi *.temp ~$* *.~??
  recycle:noversions = *.doc|*.xls|*.ppt
  recycle:maxsize = 100000
  recycle:version = Yes
  recycle:touch = Yes
  recycle:keeptree = Yes
  recycle:repository = ÐоÑзина
  #
  [ÐоÑпоÑаÑивное ÑÑÑаÑование]
  	comment = ÐоÑпоÑаÑивное ÑÑÑаÑование
  	path = /var/resurs/ÐоÑпоÑаÑивное ÑÑÑаÑование
     	public = no
  	browseable = yes
  	writable = no
  	printable = no
  	valid users = @nt_korp @nt_admin
  	write list = @nt_korp @nt_Processing section "[СÑÑаÑование ÑобÑÑвенноÑÑи]"
[2007/11/29 10:52:32, 8] param/loadparm.c:add_a_service(2577)
  add_a_service: Creating snum = 9 for СÑÑаÑование ÑобÑÑвенноÑÑи
[2007/11/29 10:52:32, 10] param/loadparm.c:hash_a_service(2624)
  hash_a_service: hashing index 9 for service name СÑÑаÑование ÑобÑÑвенноÑÑи
  doing parameter comment = СÑÑаÑование
  doing parameter path = /var/resurs/СÑÑаÑование ÑобÑÑвенноÑÑи
  doing parameter public = no
  doing parameter browseable = yes
  doing parameter writable = no
  doing parameter printable = no
  doing parameter valid users = @nt_user @nt_admin
  doing parameter write list = @nt_user @nt_admin
  doing parameter create mask = 0777
  doing parameter directory mask = 0777
  doing parameter veto files = *.scr/desktop.ini/*.pif/*.exe
  doing parameter vfs objects = recycle
  doing parameter recycle:exclude_dir = /tmp
  doing parameter recycle:exclude = *.tmp *.TMP *.tbi *.temp ~$* *.~??
  doing parameter recycle:noversions = *.doc|*.xls|*.ppt
  doing parameter recycle:maxsize = 100000
  doing parameter recycle:version = Yes
  doing parameter recycle:touch = Yes
  doing parameter recycle:keeptree = Yes
  doing parameter recycle:repository = ÐоÑзина
[2007/11/29 10:52:32, 3] lib/charcnv.c:convert_string_internal(254)
  E2BIG: convert_string(UTF-8,UTF-16LE): srclen=1410 destlen=2048 - 'ÐоÑпоÑаÑивное ÑÑÑаÑование]
  	comment = ÐоÑпоÑаÑивное ÑÑÑаÑование
  	path = /var/resurs/ÐоÑпоÑаÑивное ÑÑÑаÑование
     	public = no
  	browseable = yes
  	writable = no
  	printable = no
  	valid users = @nt_korp @nt_admin
  	write list = @nt_korp @nt_admin
  	create mask = 0777
  	directory mask = 0777
  #
  veto files = *.scr/desktop.ini/*.pif/*.exe
  vfs objects = recycle  
  recycle:exclude_dir = /tmp
  recycle:exclude = *.tmp *.TMP *.tbi *.temp ~$* *.~??
  recycle:noversions = *.doc|*.xls|*.ppt
  recycle:maxsize = 100000
  recycle:version = Yes
  recycle:touch = Yes
  recycle:keeptree = Yes
  recycle:repository = ÐоÑзина
  #
  [ÐÑиемнаÑ]
  	comment = ÐÑиемнаÑ
  	path = /var/resurs/ÐÑиемнаÑ
                  read only = No
  	writeable = yes
  	browseable = yes
  	guest ok = yes
  #
  veto files = *.scr/desktop.ini/*.pif/*.exe
  force create mode = 0664
  force directory mode = 0775
  veto oplock files Processing section "[ÐоÑпоÑаÑивное ÑÑÑаÑование]"
[2007/11/29 10:52:32, 8] param/loadparm.c:add_a_service(2577)
  add_a_service: Creating snum = 10 for ÐоÑпоÑаÑивное ÑÑÑаÑование
[2007/11/29 10:52:32, 10] param/loadparm.c:hash_a_service(2624)
  hash_a_service: hashing index 10 for service name ÐоÑпоÑаÑивное ÑÑÑаÑование
  doing parameter comment = ÐоÑпоÑаÑивное ÑÑÑаÑование
  doing parameter path = /var/resurs/ÐоÑпоÑаÑивное ÑÑÑаÑование
  doing parameter public = no
  doing parameter browseable = yes
  doing parameter writable = no
  doing parameter printable = no
  doing parameter valid users = @nt_korp @nt_admin
  doing parameter write list = @nt_korp @nt_admin
  doing parameter create mask = 0777
  doing parameter directory mask = 0777
  doing parameter veto files = *.scr/desktop.ini/*.pif/*.exe
  doing parameter vfs objects = recycle
  doing parameter recycle:exclude_dir = /tmp
  doing parameter recycle:exclude = *.tmp *.TMP *.tbi *.temp ~$* *.~??
  doing parameter recycle:noversions = *.doc|*.xls|*.ppt
  doing parameter recycle:maxsize = 100000
  doing parameter recycle:version = Yes
  doing parameter recycle:touch = Yes
  doing parameter recycle:keeptree = Yes
  doing parameter recycle:repository = ÐоÑзина
[2007/11/29 10:52:32, 2] param/loadparm.c:do_section(3796)
  Processing section "[ÐÑиемнаÑ]"
[2007/11/29 10:52:32, 8] param/loadparm.c:add_a_service(2577)
  add_a_service: Creating snum = 11 for ÐÑиемнаÑ
[2007/11/29 10:52:32, 10] param/loadparm.c:hash_a_service(2624)
  hash_a_service: hashing index 11 for service name ÐÑиемнаÑ
  doing parameter comment = ÐÑиемнаÑ
  doing parameter path = /var/resurs/ÐÑиемнаÑ
  doing parameter read only = No
  doing parameter writeable = yes
  doing parameter browseable = yes
  doing parameter guest ok = yes
  doing parameter veto files = *.scr/desktop.ini/*.pif/*.exe
  doing parameter force create mode = 0664
  doing parameter force directory mode = 0775
  doing parameter veto oplock files = /*.LCK/*.lck/*.MD/*.md/*.cdx/*.CDX/*.dbf/*.DBF/
  doing parameter oplock contention limit = 1
  doing parameter vfs objects = recycle
  doing parameter recycle:exclude_dir = /tmp
  doing parameter recycle:exclude = *.tmp *.TMP *.tbi *.temp ~$* *.~??
  doing parameter recycle:noversions = *.doc|*.xls|*.ppt
  doing parameter recycle:maxsize = 100000
  doing parameter recycle:version = Yes
  doing parameter recycle:touch = Yes
  doing parameter recycle:keeptree = Yes
  doing parameter recycle:repository = ÐоÑзина
[2007/11/29 10:52:32, 2] param/loadparm.c:do_section(3796)
  Processing section "[printers]"
[2007/11/29 10:52:32, 8] param/loadparm.c:add_a_service(2577)
  add_a_service: Creating snum = 12 for printers
[2007/11/29 10:52:32, 10] param/loadparm.c:hash_a_service(2624)
  hash_a_service: hashing index 12 for service name printers
  doing parameter comment = All printers
  doing parameter path = /var/spool/samba
  doing parameter public = yes
  doing parameter printable = yes
  doing parameter guest ok = yes
[2007/11/29 10:52:32, 4] param/loadparm.c:lp_load(5071)
  pm_process() returned Yes
[2007/11/29 10:52:32, 8] param/loadparm.c:add_a_service(2577)
  add_a_service: Creating snum = 13 for IPC$
[2007/11/29 10:52:32, 10] param/loadparm.c:hash_a_service(2624)
  hash_a_service: hashing index 13 for service name IPC$
[2007/11/29 10:52:32, 3] param/loadparm.c:lp_add_ipc(2711)
  adding IPC service
[2007/11/29 10:52:32, 10] param/loadparm.c:set_server_role(4315)
  set_server_role: role = ROLE_DOMAIN_PDC
[2007/11/29 10:52:32, 3] printing/pcap.c:pcap_cache_reload(117)
  reloading printcap cache
[2007/11/29 10:52:32, 3] printing/pcap.c:pcap_cache_reload(223)
  reload status: ok
[2007/11/29 10:52:32, 3] printing/pcap.c:pcap_cache_reload(117)
  reloading printcap cache
[2007/11/29 10:52:32, 3] printing/pcap.c:pcap_cache_reload(223)
  reload status: ok
Comment 3 Volker Lendecke 2007-11-29 03:11:43 UTC 
First, please add the files as attachments, second, the log file you uploaded is not the one that shows the failure. You have set 

log file = /var/log/samba/%m.log

so the failure must be in /var/log/samba/<client-machinename>.log. 

Third, you have set "max log size = 500" which will lead to a log file that is probably much too short. Please for this test set "max log size = 0" so that the log files do not wrap.

Volker
Comment 4 Andriashyk 2007-11-29 03:37:27 UTC 
Created attachment 3009 [details]
log
Comment 5 Volker Lendecke 2007-11-29 04:06:14 UTC 
Ok, the critical piece is

  smb_pam_passchange_conv: Processing message 0
  smb_pam_passchange_conv: PAM_PROMPT_ECHO_OFF: PAM said: Новый пароль UNIX :
  smb_pam_passchange_conv: PAM_PROMPT_ECHO_OFF: trying to match |*new*password*| to |Новый пароль UNIX :|
  smb_pam_passchange_conv: PAM_PROMPT_ECHO_OFF: trying to match |*retype*new*password*| to |Новый пароль UNIX

What language is this? Your PAM stack seems to be localized, can you change that?

Volker
Comment 6 Andriashyk 2007-11-29 04:21:11 UTC 
I will try, it russian (utf-8)
Comment 7 Andriashyk 2007-11-29 04:40:51 UTC 
http://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg416556.html

Package: samba 
Version: 3.0.26a-1
Tags: patch
User: [EMAIL PROTECTED]
Usertags: origin-ubuntu ubuntu-patch hardy


To apply password change requests from Samba clients to system passwords and
not just to Samba passwords, Samba invokes PAM either directly or by way of
/usr/bin/passwd and is configured to know how to communicate with PAM modules
using expect-style rules (smb.conf setting "passwd chat"). Version 0.99.7.1 of
pam includes l10n support, which means that the prompts generated by PAM
modules are now different for each locale. To account for this, Samba should
explicitly use the C locale when attempting a password sync and restore the
user's locale setting afterwards.

First reported in Ubuntu:
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/139265

=== added file 'trunk/samba/debian/patches/chgpasswd.patch'
--- trunk/samba/debian/patches/chgpasswd.patch  1970-01-01 00:00:00 +0000
+++ trunk/samba/debian/patches/chgpasswd.patch  2007-11-13 17:43:17 +0000
@@ -0,0 +1,41 @@
+Index: samba-3.0.26a/source/smbd/chgpasswd.c
+===================================================================
+--- samba-3.0.26a.orig/source/smbd/chgpasswd.c
++++ samba-3.0.26a/source/smbd/chgpasswd.c
+@@ -126,6 +126,7 @@
+       struct termios stermios;
+       gid_t gid;
+       uid_t uid;
++      char *eptrs[1] = { NULL };
+ 
+       if (pass == NULL)
+       {
+@@ -222,7 +223,7 @@
+              passwordprogram));
+ 
+       /* execl() password-change application */
+-      if (execl("/bin/sh", "sh", "-c", passwordprogram, NULL) < 0)
++      if (execle("/bin/sh", "sh", "-c", passwordprogram, NULL, eptrs) < 0)
+       {
+               DEBUG(3, ("Bad status returned from %s\n", passwordprogram));
+               return (False);
+@@ -498,6 +499,9 @@
+ #ifdef WITH_PAM
+       if (lp_pam_password_change()) {
+               BOOL ret;
++#ifdef HAVE_SETLOCALE
++              char *prevlocale = setlocale(LC_MESSAGES, "C");
++#endif
+ 
+               if (as_root)
+                       become_root();
+@@ -511,6 +515,9 @@
+               if (as_root)
+                       unbecome_root();
+ 
++#ifdef HAVE_SETLOCALE
++              setlocale(LC_MESSAGES, prevlocale);
++#endif
+               return ret;
+       }
+ #endif

=== modified file 'trunk/samba/debian/patches/series'
--- trunk/samba/debian/patches/series   2007-11-12 21:58:04 +0000
+++ trunk/samba/debian/patches/series   2007-11-13 17:44:03 +0000
@@ -24,3 +24,4 @@
 smbpasswd-syslog.patch
 get_global_sam_sid-non-root.patch
 usershare.patch
+chgpasswd.patch
Comment 8 Andriashyk 2007-11-29 06:12:56 UTC 
What decision will be accepted, what further actions?
Comment 9 Volker Lendecke 2007-11-29 06:17:37 UTC 
From a first glance the patch looks ok. A positive feedback from your side (i.e. try it) would definitely help getting it in upstream.

Volker
Comment 10 Andriashyk 2007-11-29 07:25:56 UTC 
Thank you on experiments little time, I changed a language on a server on English and all began to work.
Once again thank you for a prompt!
Comment 11 Volker Lendecke 2007-12-06 13:22:07 UTC 
Did I understand you correctly that you did not try the patch you uploaded but changed your system config? Are you still interested in getting that patch upstream?

Volker
Comment 12 Björn Jacke 2018-05-07 13:41:42 UTC 
looks like this was patched accordingly long time ago