How to use /etc/passwd passwords for NTDOM?
Roeland M.J. Meyer
rmeyer at mhsc.com
Fri Feb 20 22:03:37 GMT 1998
At 03:39 21-02-98 +1100, Nuno Loureiro wrote:
>Hi there amigos
>I am configuring a linux box to serve an NT domain with Samba.
>I already got the sources from cvs BRANCH_DOM and compiled it
>I can create computer accounts from the workstations and successfully
>logon using smbpasswd passwords.
>So, how can I use the other /etc/passwd passwords (I don't want to
>manually add every account to smbpasswd) to logon from the NT 4
>+ SP3 workstations?
>Is there any automatic way of converting /etc/passwd (or shadow) to
>smbpasswd? mkpasswd doesn't seem to work well (it doesn't convert the
>passwords, instead it puts XXXX.... in the smb password field).
Short answer is no. The reason is that Unix passwds are not de-cryptable
becasue they are a one-way hash product. What needs to happen, and the only
way this can work, is to have a program/shell-script which will update BOTH
passwd files when a new passwd is assigned/changed. I am currently working
on user management scripts to do this, in PERL, on my Linux servers. The
problem gets *really* complex when PAM is involved, using SSH. Toss in NIS
and it becomes a royal PITA. Unfortunately, my solution may be *very*
BTW, I tried KerbNet, it sucks, no usefull dox!
Roeland M.J. Meyer, ISOC (InterNIC RM993)
e-mail: mailto:rmeyer at mhsc.com
Personalweb pages: http://www.mhsc.com/~rmeyer
Company web-site: http://www.mhsc.com/
Watch for the SecureMail system at MHSC.NET
More information about the samba-ntdom