thoughts on smbpasswd

Luke Kenneth Casson Leighton lkcl at cb1.com
Thu Aug 21 16:12:57 GMT 1997



On Thu, 21 Aug 1997, Todd Pfaff wrote:

> in our environment, everyone with a unix account on the samba server
> should also have an entry in smbpasswd.  in the past i've initialized this
> through a script which i call from my nis makefile to keep smbpasswd in
> sync with /etc/passwd.  it adds new users, deletes users who no longer
> exist in /etc/passwd, and leaves existing users alone (so as not to change
> their password).  when i add a new account, i naturally do an nis make and
> my smbpasswd file is brought up-to-date.  i had also made changes to
> smbpasswd such that a new user could log into their unix account and set
> their initial smb password if it was all X's (but of course, the password 
> would still be invalid until set).
> 
> in 1.9.17alpha, things have changed slightly (the 'NO PASSWORD' string in
> the smbpasswd entry and the -add option to smbpasswd).  i made a couple of
> changes to smbpasswd.c that others may find useful.
> 
> if the password begins with a '*' then the user can hit return when prompted
> for their old password, but the password is still considered invalid until
> set to something that doesn't begin with '*' or 'X'.
> 
> if smbpasswd.c is compiled with -DALLOW_ADD_USER, a non-root user can add
> a new entry for their username to smbpasswd if it does not yet exist
> (ie. if they run smbpasswd and their name is not found in the smbpasswd
> file, and they enter a valid password, a new entry is created for their
> username).  i also removed the -add option and made the default behaviour
> for root that the user is added if not found.
> 

YES! excellent - you came across the same problem that i did with 
smbpasswd, namely that it can't distinguish betwee newly added blank 
users, and users that have had their smb password account disabled.

not very useful from a configuration point of view...

by the way, the mods that i made clash nicely with yours: i added a 
system whereby you could do:

smbpasswd -add user passowrd - only as root.

luke


More information about the samba mailing list