password and some other problems

[Hongwei Li]

Thanks a lot for you help.  I still have some questions:

-----Original Message-----
From: Dieter Rothacker <Didi at Xterminator.STUDFB.UniBw-Muenchen.de>
To: hongwei at morpheus.wustl.edu <hongwei at morpheus.wustl.edu>
Cc: Multiple recipients of list <samba at samba.anu.edu.au>
Date: Tuesday, January 13, 1998 5:41 PM
Subject: Re: password and some other problems


>Hongwei Li wrote:
>>
>> Hi,
>>
>> I have some problems (or questions) about samba and WinNT.  We have 4
Unix
>...
>> 1. After upgrading the samba from 1.9.16p9 to 1.9.17p4 on the Linux
machine
>> (kernel 2.0.30), I can not set “security=user” anymore. Users always get
>> error message “Invalid password” when they try to mount network drive,
even
>> as root (I tried it).  Then, I try to set “security=server” and “password
>> server = our NT server”, then it works!  We did not have this problem
>> before, and still don’t have this problem with samba 1.9.16p9 on other 3
>> machines.  Can anybody tell me why?  I saw a similar problem from several
>> other posts.
>
>As I remember, 1.9.16 did not have encrypted password support compiled
>in as standard. 1.9.17 has. This means you have to insert the line
>"encrypt passwords = no" into your /etc/smb.conf or (and this will solve

** Do you mean version 1.9.17p4?  I don't have it in it.  Then, it seems
that my NT server should remember the password as you mentioned below in 2.
However, our users have to type their passwords for every samba server, that
means the NT server DOES NOT remember the password.  Why?

>the following problem) read the instructions on using encrypted
>passwords in "Encryption.txt" in the docs.
>
>> 2. This is not a problem, but just a very inconvenient feature that I
hope
>> somebody can help me. Windows 95  and Windows 3.11 users can mount all
samba
>> drives automatically when they log on their windows.  However, Windows NT
>> 4.0 users have to type password for EVERY DRIVE ON EACH SAMBA SERVER
>> manually.  Since we have 4 Unix machines, they have to type their
password 4
>> times whenever they log on.  They feel very unhappy and I can not help
them.
>> Can somebody tell me if it is possible to “simplify the log on procedure”
?
>
>NT refuses to save passwords if they are not encrypted (it would have
>to store them in an unsafe way). If you configure your samba server
>to support encrypted passwords, NT will save them encrypted for future
>logons.
>
>> 3. I remember somebody mentioned “password map” between samba servers
(UNIX
>> machines) and Windows NT server (4.0), i.e. if a user changes his
password
>> on a UNIX machine, he does not have to change his password on NT server
to
>> the same one as on the UNIX machine.  In other words, a user can have 5
>> different password on our NT server and 4 UNIX machines, and change them
in
>> any way he likes.  Can somebody tell me how to do this?
>
>Without using NT as password server, the passwords for NT and samba
>should naturally be independent from each other... or didn't I
>understand
>what you are talking about ?


** Here is an example: a user has the same password on our NT server and the
samba server (1.9.17p4).  He can mount samba server drives without any
problem.  One day, he chanses his password on the samba server, but does not
change his password on NT server.  From that time, he can never mount any
samba server drive until he changes his password on NT server to the same
one as on the samba server.

** My question: is it possible to set a "password map" somewhere to allow
users change their password freely (the passwords on NT servers and on samba
servers can be different) without affecting mounting samba server drives?

>--
>Dieter Rothacker, student of computer sciences
>

I realized that I did not compile samba 1.9.17p4 supporting encrypted
password.   Maybe I should do it first to see any changes.  I'll try.

Thanks again!

Hongwei