Sync Passwords
Colin Higgs
colin.higgs at ed.ac.uk
Wed Jun 9 10:01:19 GMT 1999
> The passwd sync system works (and has done so for some time), however it
> has a problem in that it does not report to a user why it failed to change
> a passwd. As most systems around these days have pretty strict rules about
> what a legal passwd is (ie not a recognised word or part thereof) most
> people find that their first (and more) attempts to set a password fail.
> Samba does not go ahead when passwd fails but the message that passwd
> generates is not shown to the user. The user is told that the passwd / user
> name combination is unacceptable and the user assumes that it is their
> origional password is wrong.
>
> I have many angry users who complain that they are being told that their
> 'old' password is wrong when in fact, the problem is that their new
> password is not good enough.
If you have winpopup enabled you can have samba send messages back to
the client using smbclient. For example:
In smb.conf:
# %u = user
# %m = client machine
passwd program = mypwdchanger %u %m
In mypwdchanger (sh syntax):
#!/bin/sh
$USER=$1
$CLIENT=$2
#The prompt below should match your passwd chat
echo SOMEPROMPT
read newpass
error=`checkpasswdforstupidthings $USER << EOF
$newpass
EOF`
cracked=$?
##write "checkpasswdforstupidthings" to return 0
##if $newpass is good
if [ $cracked -ne 0 ] ; then
#bad passwd - send a message
smbclient -U "Password Checker" -M $CLIENT > /dev/null << EOF
Your password was not changed.
Message from the password program:
$error
EOF
exit 1
fi
#The password was good - change the password
/bin/passwd $USER
exit $?
One final note: On NT machines, if you use <ctrl> + <alt> + <del> to go
on to change your password then you will not see winpopup messages :-(
since they go to the usual desktop and not the "switched" screen
(applogies for the bad terminology here - I am not an NT expert). I
solved this problem by compiling smbpasswd for win32 and using that to
change passwords instead (with a tk/tcl wrapper).
--
Colin Higgs,
Chemical Engineering
University of Edinburgh Email: colin.higgs at ed.ac.uk
King's Buildings, Mayfield Road, Tel: +44 (0)131 6508557
Edinburgh, Scotland, EH9 3JL Fax: +44 (0)131 6506551
More information about the samba-ntdom
mailing list