Has anyone made update encrypted work?
Gerald W. Carter
cartegw at Eng.Auburn.EDU
Tue Jun 30 15:59:10 GMT 1998
On Wed, 1 Jul 1998, Dana Canfield wrote:
> Sorry to post on the same topic twice in a week, but I've been looking
> at the archives and I see a couple questions regarding this and no
> answers, so I'm wondering if anyone has gotten update encrypted to work.
Yup. Worked fine. Migrated over about 30 users. Small need for them.
They never even knew.
> As I understand it, the way the option should work is this:
>
> You have an existing Unix password file with your users in it.
> Set up Samba as a PDC with update encypted on, and encrypted passwords
> off.
> Run the mksmbpasswd script to create an smbpasswd file with "empty"
> passwords.
> Use smbpasswd -a -m to add machine accounts to the smbpasswd file.
> Run the NT4 Plain Password registry hack found in docs directory.
> Run like this for a while, allowing your users to log into the Samba
> PDC, and it updates the encrypted smbpasswd file.
> Eventually change the registry back and enable encrypted passwords.
Nope. You won't be able to use this option on your Samba PDC.
> Is this correct? It seems that I have to be missing something. When I
> add a user to the smbpasswd file using smbpasswd -a, creating an
> encrypted smbpasswd file entry, I'm OK. But trying to log into the PDC
> with a user who either doesn't have an smbpasswd entry, or has all X's
> as the password fails.
NT logins use encrypted passwords only.
Here's how I used it.
Local accounts on a WinFrame 1.6 box. Used the samba 1.9.18p7 server as
the [homes] server. Specified H: to connect to \\server\<username> in the
profile on the NT box. This way the connection would be made by passing
the plain text password to the server and thus updating the smbpasswd
file.
After I had all the users, I merged the result of the new smbpasswd and
the smbpasswd on the samba PDC thus allowing users to mount the shares
from SAMBA_PDC instead and also allowing me to add the WinFrame box to the
domain when I wanted to without causing login problems for my users.
Make sense?
j-
________________________________________________________________________
Gerald ( Jerry ) Carter
Engineering Network Services Auburn University
jerry at eng.auburn.edu http://www.eng.auburn.edu/users/cartegw
"...a hundred billion castaways looking for a home."
- Sting "Message in a Bottle" ( 1979 )
More information about the samba-ntdom
mailing list