Must a Samba PDC use encrypted passwords?

Jeremy Allison jallison at
Fri Jun 5 20:38:50 GMT 1998

Gerald Carter wrote:
> Paul Keck wrote:
> >
> > After the period of getting everyone to log in and get their password
> > updated is done and we switch to encrypted passwords, /etc/passwd and
> > smbpasswd will start to diverge, right?  Meaning, if they change one
> > the other will NOT change.
> Correct
> > If that is true, is there a good way around this?
> The best solution is to rewrite you passwd program on the unix box to
> pipe the change to /etc/passwd and smbpasswd.  This is fairly trivial
> if these files are located on the same box that user's login to change
> their passwd.  If uses's change their passwd on other machines besides
> these master's, then things get a little trickier.

If you are on a system that supports the ALLOW_CHANGE_PASSWORD
compile flag to Samba, you don't need to change your UNIX
passwd program, you can get Samba to change both your smb
and your UNIX passwords simultaneously.

Look up the 'unix password sync' parameter for details.

Of course the code that allows NT workstations to update
the user passwords for the logged on user isn't written
yes (although I have the packet dump and it's on my list
of things to fix).


	Jeremy Allison.
	Samba Team.

Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.

More information about the samba-ntdom mailing list