UNIX/NT passwd sync: Confused

Gerald W. Carter cartegw at Eng.Auburn.EDU
Thu Aug 13 15:12:55 GMT 1998

On Fri, 14 Aug 1998, Cemal AKYEL wrote:

>  * set encrypt passwords=no and update encrypted=yes AND make use of the
> original passwords and as the users login to the domain smbpasswd file
> will updated.

You cannot run a Samba PDC using this option.  You can have them connect
to another samba server and use this option.  Then the smbpasswd entries
can be copied over to the PDC.

Since the user password change stuff is not implemented yet, it would be
impossible to implement the "change password on next logon" feature.

> the point that i'm confused is if i follow the 2nd alternative will my
> client pc's (NT 4.0 sp3) be accepted to the domain (as indicated in the
> NTDOM faq encrypted passwds should be used for this purpose)? 

See notes above.  There is really not a clean solution to this as of yet (
that I know of ).   Anybody have any good ideas?  Besides running 'Crack'
as I mention below?

> Is there
> any program that *fully* (including the original passwords) converts
> (translates) UNIX style passwd file into smbpasswd?

There is no way to globally transfer the password in /etc/passwd to the
smbpasswd file.  You could try cracking the passwd file and then scripting
these over to the smbpasswd file.  However this will not work obviously
all the time.

Hope this helps,
                            Gerald ( Jerry ) Carter	
Engineering Network Services                           Auburn University 
jerry at eng.auburn.edu             http://www.eng.auburn.edu/users/cartegw

       "...a hundred billion castaways looking for a home."
                                  - Sting "Message in a Bottle" ( 1979 )

More information about the samba-ntdom mailing list