smbpasswd -j SAMBA_DOMAIN - fixed
Luke Kenneth Casson Leighton
lkcl at samba.org
Mon Jan 10 16:15:09 GMT 2000
On Mon, 10 Jan 2000, Greg Dickie wrote:
>
> Here's another silly question: will rpcclient work like below without
> gnu readline? I ask because if I try I get this:
it should do, yes.
did you specify root username / password? otherwise, yes, it will fail:
you are modifying a remote SAM database, after all!
also, try running rpcclient -S . on the local machine (you must be running
as root to do this).
> smb: > createuser tahiti$ -j
> createuser tahiti$ -j
>
> SAM Create Domain User
> Domain: DL_RDTEST Name: tahiti$ Description: -j
> Create Domain User: FAILED
> smb: > createuser -j tahiti$
> createuser -j tahiti$
>
> SAM Create Domain User
> Domain: DL_RDTEST Name: -j Description: tahiti$
> Create Domain User: FAILED
>
> Sorry to be so much trouble...
>
> Greg
>
>
> On 10-Jan-00 Luke Kenneth Casson Leighton wrote:
> > ok, i got so fed up with all the reports of people using smbpasswd
> > bitching about how it couldn't be used to join its own domain that i fixed
> > it.
> >
> > HOWEVER...
> >
> > you should be aware that smbpasswd sets the initial trust account password
> > to server_name_in_lower_case, and then changes it, using the initial
> > password to encrypt the new one. this is to be compatible with NT 4.0.
> >
> > IF you are concerned about network sniffing from hostile users, THEN:
> >
> > use rpcclient instead (lsaquery; createuser sambaserver$ -j).
> >
> > the password change is done using the administrator's username / password
> > to encrypt the trust account change, NOT the old trust account password.
> >
> > luke
>
> ---------------------------------------------------------------------
> Greg Dickie
> Just A Guy*
> *from discreet (the logic is gone)
> Montreal
> (514) 954-7171
> greg at discreet.com
>
More information about the samba-ntdom
mailing list