Samba 3.0.5 mksmbpasswd.sh

Paul Boot paul.boot at harpercollins.co.uk
Wed Aug 25 09:19:20 GMT 2004 

Hello

I have been running an old version of samba for sometime and decided to 
update to the "latest" version (I think there is a 3.0.6 recently issued).

My question relates to mksmbpasswd.sh. I get the impression there were 
security flaws in this upto version 3.0.2(?) but cannot trace anything 
about fixes for these in the Whatsnew files.

On my setup I am running on Solaris 8.0  I created a user on unix named 
tester and then converted the NIS+ passwd table into smbpasswd format.

The entry for tester

tester:254:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:[DU 
         ]:LCT-00000000:tester

seems not to have picked the correct settings.

smbclient //ard.ref.collins.co.uk/projects
Password:

session setup failed: NT_STATUS_LOGON_FAILURE

If I manually run smbpasswd -a tester as root I can set the password to 
a usable string. After which things operate fine.

I note I cannot run smbpasswd as the unix account tester

smbpasswd
Old SMB password:

New SMB password:

Retype new SMB password:

machine 127.0.0.1 rejected the password change: Error was : RAP86: The 
specified password is invalid.
Failed to change password for tester

... I guess I do not know the initial SMB passwd.

In my smb.conf I do have the following options set....

encrypt passwords = yes
null passwords = no

Questions

1. Which version of Samba should I use to get a reliable smbpasswd file?
2. Could I just use an updated mksmbpasswd.sh file with 3.0.5 or is a 
complete upgade required?
3. Can normal users changed smbpasswd file without the root account been 
  available?


Thanks






-- 
--
Paul Boot

+44 141 306 3267



**********************************************************************
This message is intended only for the use of the individual(s) to which
it is addressed and may contain information that is privileged and
confidential.
  If you are not the intended recipient, you are hereby notified that
you have received this transmission in error; any review, dissemination,
distribution or copying of this transmission is strictly prohibited.
  If you have received this communication in error, please notify us
immediately by reply e-mail and delete this message and all of its attachments.
**********************************************************************

More information about the samba-technical mailing list