REofRE: [Samba] password change on the domain password server using clienttools

Yohann Ferreira bertram25 at hotmail.com
Thu Apr 29 12:54:17 GMT 2004 

Hi Lieven
Thanks for advise !

the
getent passwd
command shows me all the users of the 2k domain in this format :
DOMAIN2K+user:x:10000:10026::/home/NetBiosName/user:/bin/bash

I think that's correct. But do you think I got to use nss pam or something 
like that ?
I just can't login with a 2000 user on Samba, but guests (unknown users ) 
can, when I permit them to. So I think users are known but their password 
are badly processed. Maybe something messing with kerberos ?

Thanks for reading and hope to see you soon !

Bertram

>From: Lieven VAN ACKER <lieven.vanacker at archg.sintlucas.wenk.be>
>To: Yohann Ferreira <bertram25 at hotmail.com>
>Subject: RE: [Samba] password change on the domain password server using 
>clienttools
>Date: Thu, 29 Apr 2004 13:40:49 +0200
>
>Hi,
>
>congratulations so far!
>
>did you try to
>
>getent passwd
>
>to check if winbind is actually called when asking for unix users?
>
>If the domain users are not listed, you probably have a problem with your
>pam config...
>
>Regards,
>
>Lieven
>
>Yohann Ferreira <bertram25 at hotmail.com> schreef:
> >Hi Lieven !
> >
> >I'm back with questions !
> >First of all, I've set my security parameters to ADS in smb.conf
> >and have configured the krb5.conf file (using MIT Kerberos 5).
> >Then I used a net ads join -S Domain -U admin
> >and it Worked !
> >I had, of course, configured nsswitch.conf to something like this :
> >
> >passwd: files winbind
> >group: files winbind
> >shadow: files
> >the wbinfos commands :
> >
> >wbinfo -u -g -t -m -a DOMAIN+admin%password  are working !
> >
> >The next thing and then final one is to connect to my samba member server
> >via another desktop under win2000, with the network panel, to the Samba
> >machine, but it doesn't work at all !
> >
> >what did I forgot ??
> >
> >Thanks a lot for reading !
> >
> >Bertram
> >
> >>From: Lieven VAN ACKER <lieven.vanacker at archg.sintlucas.wenk.be>
> >>To: Yohann Ferreira <bertram25 at hotmail.com>
> >>Subject: RE: [Samba] password change on the domain password server using
> >>clienttools
> >>Date: Wed, 28 Apr 2004 15:04:20 +0200
> >>
> >>Well,
> >>
> >>I could tell you a couple of things ..just for the moment I'm running a
> >bit
> >>out of time, ...
> >>
> >>You could find some starting info in the Samba (3) HOWTO, chapter 7:
> >domain
> >>membership.
> >>
> >>If you want to access the AD, e.g. with ldapsearch, following things
> >should
> >>be noted:
> >>
> >>* use ldaps (-H ldaps://domainserver)
> >>* use simple authentication (-x -W)
> >>* bind using administrator at domainname (-D "administrator at dnsdomain")
> >>
> >>Ask me if you have any further questions,
> >>
> >>regards,
> >>
> >>Lieven
> >>
> >>Yohann Ferreira <bertram25 at hotmail.com> schreef:
> >> >Hi,
> >> >
> >> >I've read your mail concerning the integration of a samber member 
>server
> >
> >>in
> >> >
> >> >a Windows 2000 Domain.
> >> >I, for now, am trying to join the 2000 domain, and access the AD in
> >order
> >> >to
> >> >get users and groups...
> >> >Could you tell me how you use LDAP to do this ?
> >> >And if there something else to with smb.conf or/ and nsswitch.conf ?
> >> >
> >> >>From: Lieven VAN ACKER <lieven.vanacker at archg.sintlucas.wenk.be>
> >> >>To: samba at lists.samba.org
> >> >>Subject: [Samba] password change on the domain password server using
> >> >>clienttools
> >> >>Date: Wed, 28 Apr 2004 11:29:45 +0200
> >> >>
> >> >>Hi,
> >> >>
> >> >>I've setup samba to be a member of a windows 2000 (mixed mode) 
>domain.
> >> >>I'm using ldap client interface to access the AD on the W2K domain
> >> >>controller, in order to add users en groups.
> >> >>
> >> >>Now, the final step to manage this config is to set the password of
> >the
> >> >>users. As it seems hard to use the ldap interface to set the
> >passwords,
> >> >>I've thought of using samba client tools, like smbpasswd or pdbedit 
>or
> >> >net
> >> >>commands.
> >> >>
> >> >>I manage to use smbpasswd -r ADSERVER -U username to set the password
> >> >>interactively, pretending being user "username".
> >> >>
> >> >>Thing is, there should be a way to change (or set initial) password 
>as
> >> >>domain admin.
> >> >>
> >> >>I tried using
> >> >>
> >> >>net rap password username "" newpass -U administrator%adminpass
> >> >>
> >> >>but this doesn't seem to have the intended result (while it doesn't
> >give
> >> >me
> >> >>any indication of success or failure).
> >> >>
> >> >>So if anybody could give me a clue, how to proceed to be able to
> >change
> >> >the
> >> >>ad password in a scriptable way, I'd be able to finish this
> >integration
> >> >>exercise...
> >> >>
> >> >>Regards,
> >> >>
> >> >>Lieven
> >> >>
> >> >>
> >> >>--
> >> >>To unsubscribe from this list go to the following URL and read the
> >> >>instructions:  http://lists.samba.org/mailman/listinfo/samba
> >> >
> >> >_________________________________________________________________
> >> >Trouvez l'âme soeur sur MSN Rencontres http://g.msn.fr/FR1000/9551
> >> >
> >>
> >>
> >
> >_________________________________________________________________
> >Hotmail : un compte GRATUIT qui vous suit partout et tout le temps !
> >http://g.msn.fr/FR1000/9493
> >
>
>

_________________________________________________________________
Recevez par e-mail des émoticônes pour MSN Messenger 
http://g.msn.fr/FR1001/2275?url=http://www.msn.fr/ilovemessenger/premium/Default.asp?Ath=f

More information about the samba mailing list