The steps to repro this problem: 0) configure the environment, use net ads join to join a win2k3 domain 1) smbpasswd -a user (user must be a local unix account name) 2) smbpasswd -r machine -U machine/user it reports: #/usr/local/samba/bin/smbpasswd -r diablo -U diablo/weikuan Old SMB password: New SMB password: Retype new SMB password: cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR received from host diablo! machine diablo rejected the password change: Error was : NT code 0x1c010002. This problem doesn't occur for samba-3.0.27a, it does occur for samba-3.3.6 We suspect it is caused by command line parser or RPC parser's problem.
I think the root cause is: when we smbpasswd -r machine -U machine/user, the user is recognised as "machine/user", acctually, it should be "user". Function libsmb/ntlmssp.c:ntlmssp_server_auth() is called twice each time we user smbpasswd -r -U to update the password. in the first time, the parser works good, domain="machine", workstation="machine", user="user", but in the second time, domain="", workstation="machine", user="machine/user", this causes the request to be resent to 2k3 domain to search user "machine/user", RPC fault occurs. When we update the function, detect whether domain="" and user contains "/", and then split the content of user into domain and user, the RPC fault doesn't occur, it becomes: shell> sudo smbpasswd -r machine -U machine/user2 Old SMB password: New SMB password: Retype new SMB password: machine machine rejected the password change: Error was : No such user. Check the log, this is because function smbd/chgpasswd.c:check_oem_passwd is passed in a user as "machine/user", after we split the user, and assign the user with "user", the password for "user" is updated accordingly. We can't fix the bug as the resolution above, it is too rough, the correct solution should be somewhere on some parser.
Created attachment 4613 [details] split domain/name in advance Can you please test this patch ? It should fix your problem.
Created attachment 4622 [details] revised version of that patch (tested and pushed to master) Simo, I tested that patch and needed to make some small modifications to make it work. Its pushed to master now.
Karolin, please pick for 3.4
Pushed. Closing out bug report. Thanks!