Dariusz Rodziewicz


Subject: Wrong password?

Hello

Samba and LDAP are running on Debian. The configuration is based on this page: http://stary.dug.net.pl/faq/faq-3-24...P___Debian.php

The computer was added to the domain correctly. I created a user with the smbldap-useradd command and then changed the password with the smbldap-passwd command. Using PHPLDAPAdmin I verify the entry in the LDAP database and the password. Everything matches.

In the next step I try to log in to the domain. During login I get a message about a wrong password, which is also visible in the Samba log (below).

[2011/02/17 18:24:08, 2] lib/smbldap.c:smbldap_open_connection(796)
smbldap_open_connection: connection opened
[2011/02/17 18:24:08, 2] passdb/pdb_ldap.c:init_group_from_ldap(2344)
init_group_from_ldap: Entry found for group: 544
[2011/02/17 18:24:08, 2] lib/access.c:check_access(406)
Allowed connection from (::ffff:192.168.1.10)
[2011/02/17 18:24:08, 2] passdb/pdb_ldap.c:init_sam_from_ldap(571)
init_sam_from_ldap: Entry found for user: xxx
[2011/02/17 18:24:08, 2] passdb/pdb_ldap.c:init_group_from_ldap(2344)
init_group_from_ldap: Entry found for group: 512
[2011/02/17 18:24:08, 2] passdb/pdb_ldap.c:init_group_from_ldap(2344)
init_group_from_ldap: Entry found for group: 512
[2011/02/17 18:24:08, 2] passdb/pdb_ldap.c:init_ldap_from_sam(1128)
init_ldap_from_sam: Setting entry for user: xxx
[2011/02/17 18:24:08, 2] auth/auth.c:check_ntlm_password(318)
check_ntlm_password: Authentication for user [xxx] -> [xxx] FAILED with error NT_STATUS_WRONG_PASSWORD
[2011/02/17 18:24:24, 2] passdb/pdb_ldap.c:init_sam_from_ldap(571)
init_sam_from_ldap: Entry found for user: xxx
[2011/02/17 18:24:24, 2] passdb/pdb_ldap.c:init_group_from_ldap(2344)
init_group_from_ldap: Entry found for group: 512
[2011/02/17 18:24:24, 2] passdb/pdb_ldap.c:init_group_from_ldap(2344)
init_group_from_ldap: Entry found for group: 512
[2011/02/17 18:24:24, 2] passdb/pdb_ldap.c:init_ldap_from_sam(1128)
init_ldap_from_sam: Setting entry for user: xxx
[2011/02/17 18:24:24, 2] auth/auth.c:check_ntlm_password(318)
check_ntlm_password: Authentication for user [xxx] -> [xxx] FAILED with error NT_STATUS_WRONG_PASSWORD

Where is the error?

Below is my smb.conf file:

[global]
# basic server configuration options
workgroup = XXX
netbios name = nowydwor
server string = Serwer PDC
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192

os level = 99
preferred master = yes
local master = yes
domain master = yes
domain logons = yes

security = user
guest ok = no
encrypt passwords = yes
null passwords = no

# hosts allow LAN
hosts allow = 127.0.0.1 192.168.1.0/255.255.255.0
wins support = yes
name resolve order = wins lmhosts host bcast
dns proxy = no

log file = /var/log/samba/log.%m.%I
log level = 2
syslog = 0
max log size = 128
hide unreadable = yes
hide dot files = yes
panic action = /usr/share/samba/panic-action %d
pam password change = Yes

# LDAP configuration
passdb backend = ldapsam:ldap://127.0.0.1
ldap suffix = dc=xxx
ldap machine suffix = ou=machines
ldap user suffix = ou=users
ldap group suffix = ou=groups
ldap admin dn = cn=admin,dc=xxx
enable privileges = yes
ldap idmap suffix = ou=Idmap
ldap ssl = no

logon home =
logon drive = U:
logon path =
logon script = netlogon.bat OR %U.bat

server signing = auto
server schannel = Auto

# Do ldap passwd sync
unix password sync = no
ldap passwd sync = Yes
passwd program = /usr/sbin/smbldap-passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n *all*authentication*tokens*updated*
add user script = /usr/sbin/smbldap-useradd -m "%u"
ldap delete dn = Yes
delete user script = /usr/sbin/smbldap-userdel "%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"

# Polish characters
unix charset = ISO8859-2
#unix charset = UTF-8
dos charset = CP852

[netlogon]
comment = Network Logon Service
path = /home/samba/netlogon
guest ok = no
read only = yes
browseable = no
logon script = netlogon.bat OR %U.bat

[homes]
path = /home/%U
comment = HOME Directories
browseable = no
writeable = yes
valid users = %S
read only = no
guest ok = no
inherit permissions = yes

[profiles]
path = /home/samba/profiles
valid users = %U, "@Domain Admins"
writeable = yes
browseable = no
default case = lower
preserve case = no
short preserve case = no
case sensitive = no
hide files = /desktop.ini/ntuser.ini/NTUSER.*/
create mask = 0600
directory mask = 0700
csc policy = disable
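
An added example, not part of the original post: a small parser for the two-line smbd log format quoted above (a header line followed by its message line) that groups failed check_ntlm_password results by user and NT status. The sample log is constructed, and the user names alice and bob are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample in the two-line format shown in the post (header, then message).
SAMPLE_LOG = """\
[2011/02/17 18:24:08, 2] lib/access.c:check_access(406)
Allowed connection from (::ffff:192.168.1.10)
[2011/02/17 18:24:08, 2] auth/auth.c:check_ntlm_password(318)
check_ntlm_password: Authentication for user [alice] -> [alice] FAILED with error NT_STATUS_WRONG_PASSWORD
[2011/02/17 18:24:24, 2] passdb/pdb_ldap.c:init_sam_from_ldap(571)
init_sam_from_ldap: Entry found for user: alice
[2011/02/17 18:24:24, 2] auth/auth.c:check_ntlm_password(318)
check_ntlm_password: Authentication for user [alice] -> [alice] FAILED with error NT_STATUS_WRONG_PASSWORD
[2011/02/17 18:25:01, 2] auth/auth.c:check_ntlm_password(318)
check_ntlm_password: Authentication for user [bob] -> [bob] FAILED with error NT_STATUS_NO_SUCH_USER
"""

# Header line: [timestamp, debuglevel] source_file:function(line_number)
HEADER = re.compile(
    r"^\[(?P<ts>\d{4}/\d\d/\d\d \d\d:\d\d:\d\d(?:\.\d+)?),\s*(?P<level>\d+)\]"
    r"\s+(?P<src>\S+):(?P<func>\w+)\((?P<line>\d+)\)\s*$")
# Message emitted by check_ntlm_password on failure: [requested] -> [mapped] user.
FAILED = re.compile(
    r"Authentication for user \[(?P<req>[^\]]*)\] -> \[(?P<mapped>[^\]]*)\] "
    r"FAILED with error (?P<status>NT_STATUS_\w+)")

def parse_records(text):
    """Join each header line with the message line(s) that follow it."""
    records, current = [], None
    for raw in text.splitlines():
        m = HEADER.match(raw)
        if m:
            current = {**m.groupdict(), "msg": ""}
            records.append(current)
        elif current is not None and raw.strip():
            current["msg"] = (current["msg"] + " " + raw.strip()).strip()
    return records

def auth_failures(text):
    """Return {(user, nt_status): [timestamps]} for failed NTLM authentications."""
    out = defaultdict(list)
    for rec in parse_records(text):
        m = FAILED.search(rec["msg"]) if rec["func"] == "check_ntlm_password" else None
        if m:
            out[(m["mapped"], m["status"])].append(rec["ts"])
    return dict(out)

if __name__ == "__main__":
    for (user, status), stamps in sorted(auth_failures(SAMPLE_LOG).items()):
        print(f"{user:8} {status:26} x{len(stamps)} first={stamps[0]} last={stamps[-1]}")
```

Separating NT_STATUS_WRONG_PASSWORD from NT_STATUS_NO_SUCH_USER shows whether the account lookup succeeded and only the password comparison failed, which is the situation the log in the post records.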