Samba and the passwd -r nis command

jason.walton at jason.walton at
Mon Nov 18 17:36:00 GMT 2002

I have set up a Samba server as a PDC, but want to be able to set passwords
via NIS, for this end (the NIS server could be on any machine, the PDC
could be on any machine) I need the passwd -r NIS command to work.
I have trolled through the code but have come up against a problem, that
being that the code doesn't pass the old unix password through the code, it
looks like smbpasswd reads it in and passes it onto smbd to change.
Could anybody tell me if a patch has been applied to solve this problem (I
know the code says samba PDC must be run on the NIS master, but that isn't
practical is our environment).

I tracked the piece of code down to this bit in smbd\chgpasswd.c, the
second argument should be the old unix password but isn't known in this
module. I will keep on looking for a way around this, but any help /
pointers to patches that fix this, are appreciated.

extract from smbd\chgpasswd.c, lines 692 to 714

 Code to check and change the OEM hashed password.
BOOL pass_oem_change(char *user,
                     uchar * lmdata, uchar * lmhash,
                     uchar * ntdata, uchar * nthash)
        fstring new_passwd;
        SAM_ACCOUNT *sampass = NULL;
        BOOL ret = check_oem_password(user, lmdata, lmhash, ntdata, nthash,
                                      &sampass, new_passwd,

         * At this point we have the new case-sensitive plaintext
         * password in the fstring new_passwd. If we wanted to synchronise
         * with UNIX passwords we would call a UNIX password changing
         * function here. However it would have to be done as root
         * as the plaintext of the old users password is not
         * available. JRA.

        if (ret && lp_unix_password_sync())
                ret = chgpasswd(user, "", new_passwd, True);

More information about the samba-technical mailing list