Ian Dobbie i.dobbie at
Wed Sep 27 15:22:17 GMT 2000

Adam.Propeck at writes:

> I am running SAMBA 2.0.7 on a Solaris 2.7 Box, and want to continue to have
> an NT4 PDC.  I am having difficulty with password sync from NT to the
> Solaris side of things.  I would like to have users on Win98/NT
> workstations be able to change their passwords on the NT side through
> CTRL-ALT-DEL, Change Password, and then get SAMBA and our /etc/passwd to
> sync to the new password.  How can I go about doing this?

As far as I understand things this just plain isnt possible.

>       encrypt passwords = Yes

This line is the problem. You are using encrypted passwords over the
net. The passwords are encrypted in NT style and the unix box cannot
unencrypt them to use the password plaintext to sync them against the
unix /etc/passwd.

The only method to get this type of functionality is to use pam and
authenticate your unix users against a smb password server (eg your NT
PDC). I have considered this but havent actually got as far as trying
to do it. 

An alternative is to not use the windows password change stuff but
have a custom interface to do password updates (eg a web page). This
can then use the plaintext password to reset the password on the unix
box and the NT PDC.


More information about the samba-ntdom mailing list