How to use only the UNIX password file with samba ?

Steve Langasek vorlon at
Wed Nov 15 15:12:39 GMT 2000

On Wed, 15 Nov 2000, eirvine wrote:

> Hi Florent,

> Florent Boucher wrote:

> > Dear colleges,
> > we are planning to use sambe in place of our NT PDC.
> > So we have define samba to be a logon server for windows and it works. The
> > security option is user in order to use the UNIX/NIS password file. The only
> > problem we have for the moment is to change the password from the windows tool
> > box.
> > This option works only if we define the user in the smbpassword file located in
> > /usr/local/samba/private.
> > We do not like this option as we would like to have only one password file, the
> > file coming with the NIS.
> > So is it possible to tell samba to change only the NIS password file only when a
> > request is made from windows. We don not want that samba look for the file
> > smbpassword as we are not planning to maintain this file.
> > Thank you for a precise answer.
> > Florent

> If you want your SAMBA server to be the PDC (which is what you want, as
> far as I can make out), and if you are using NT SP3 or above, then you HAVE
> to use the smbpasswd file and you have to use encrypted passwords.

This 'and' above should be an or.  *Any* time you want Samba to act as a PDC,
you have to use encrypted passwords.  This is fundamental to how NT domain
trust relationships work, and even NT4 <= SP2 will require this of a PDC.  If
you're not going to be using Samba as a PDC, then you can hobble your NT4 SP3
machines to use plaintext passwords, however.

Steve Langasek
postmodern programmer

More information about the samba-ntdom mailing list