smbpasswd -j SAMBA_DOMAIN - fixed
Greg Dickie
greg at discreet.com
Mon Jan 10 15:28:35 GMT 2000
Here's another silly question: will rpcclient work like below without
gnu readline? I ask because if I try I get this:
smb: > createuser tahiti$ -j
createuser tahiti$ -j
SAM Create Domain User
Domain: DL_RDTEST Name: tahiti$ Description: -j
Create Domain User: FAILED
smb: > createuser -j tahiti$
createuser -j tahiti$
SAM Create Domain User
Domain: DL_RDTEST Name: -j Description: tahiti$
Create Domain User: FAILED
Sorry to be so much trouble...
Greg
On 10-Jan-00 Luke Kenneth Casson Leighton wrote:
> ok, i got so fed up with all the reports of people using smbpasswd
> bitching about how it couldn't be used to join its own domain that i fixed
> it.
>
> HOWEVER...
>
> you should be aware that smbpasswd sets the initial trust account password
> to server_name_in_lower_case, and then changes it, using the initial
> password to encrypt the new one. this is to be compatible with NT 4.0.
>
> IF you are concerned about network sniffing from hostile users, THEN:
>
> use rpcclient instead (lsaquery; createuser sambaserver$ -j).
>
> the password change is done using the administrator's username / password
> to encrypt the trust account change, NOT the old trust account password.
>
> luke
---------------------------------------------------------------------
Greg Dickie
Just A Guy*
*from discreet (the logic is gone)
Montreal
(514) 954-7171
greg at discreet.com
More information about the samba-ntdom
mailing list