Samba PDC as a password server

Todd Pfaff todd at
Tue Apr 28 20:12:46 GMT 1998

On Wed, 29 Apr 1998, Jean-Francois Micouleau wrote:

> On Wed, 29 Apr 1998, Jeremy Allison wrote:
> > Indeed. You would set up the smbd to sync unix passwords
> > and call a local program that set's a users password as
> > root, then does a make in the yp domain directory to push
> > the changed password out to the NIS slaves.
> > 
> > You still end up with two password files, but users in
> > both have the same password.
> > 
> And how do you change the samba encrypted password from a NIS client
> workstation ? 
> yppasswd send the password already encrypted to the yppasswdd daemon.

you can use smbpasswd, rather than passwd or yppasswd, to set both the
samba password and the nis password on a remote samba password server.

  smbpasswd -r nis-master-server-host

i'm using this method already but i'm using nisgina on my nt workstations,
not a samba pdc (not yet, but eventually i will).

i use the following settings on my samba password server which is also my
nis master server:

  security = user
  unix password sync = yes
  passwd program = /bin/passwd -r files %u; cd /var/yp; make passwd
  passwd chat = *New\spassword:* "%n\n" *new\spassword:* "%n\n" *updated\spasswd* . *pushed\spasswd*

this works under solaris 2.5.

all other samba servers use this nis master server as the samba password
server.  what i suggested in a previous posting is that smbpasswd use the
smb.conf password server setting so that the -r option was not necessary.

according to what i've been reading here today, this should all work just
as well when the samba server is a pdc and:

  samba pdc = smb password server = nis master server


Todd Pfaff                         \  Email: pfaff at
Computing and Information Services  \ Voice: (905) 525-9140 x22920
ABB 132                              \  FAX: (905) 528-3773
McMaster University                   \
Hamilton, Ontario, Canada  L8S 4M1     \

More information about the samba-ntdom mailing list