Synchonisation between NIS and encrypted SMBPASSWD
Todd Pfaff
todd at edge.cis.McMaster.CA
Sat Dec 5 17:32:37 GMT 1998
my NIS master server is also my samba password server and I use the
following to sync passwords:
security = user
unix password sync = yes
passwd program = /bin/passwd -r files %u; cd /var/yp; /usr/ccs/bin/make passwd
passwd chat = *New\spassword:* "%n\n" *new\spassword:* "%n\n" *updated\spasswd*
. *pushed\spasswd*
#passwd chat debug = true
#debug level = 100
note that this will only work on the NIS master server, but this allows you
to use the passwd '-r' option and the yp make which overcomes the problem of
needing the old password.
On Sun, 6 Dec 1998 samba at samba.org wrote:
> Date: Fri, 04 Dec 1998 18:17:21 +0100
> From: Rainer Hauck <hauck at nm.informatik.uni-muenchen.de>
> To: Samba at samba.org
> Subject: Re: Synchonisation between NIS and encrypted SMBPASSWD
> Message-ID: <36681921.820D9FAD at nm.informatik.uni-muenchen.de>
>
> >Hello,
> >
> >does somebody have a tool to convert a /etc/passwd to a smbpasswd with
> getting
> >a valid Lan Manager and NT hash.
> >or does anybody have a trick, how I can synchronise the /etc/passwd
> with the
> >smbpasswd without changing a unix passwd twice (passwd,smbpasswd).
> >
> >Thanks,
> >
> >Martin
>
> Martin
>
> that's exactly what I need aswell. The problem is that NIS-passwd
> commands require the old password, even when called by root which is not
> given by smbpasswd (you can use %o in your chat script but it never gets
> transmitted).
>
> We already tried to write shell-scripts to be called by smbpasswd which
> directly change the entry in the /etc/passwd file but stopped this due
> to security considerations.
>
> To my opinion the only (sensible) solution to this problem is to include
> the support for the old password (%o) in smbpasswd. I know it's not done
> due to compatibility reasons but maybe it could be integrated as an
> option?
>
> Rainer
>
> --
> _ _ _ _ _ _ RAINER HAUCK
> |\/| |\ | |\/| Institut fuer Informatik / Dept. of CS
> | | | \| | | Ludwig-Maximilians-University Munich
> ======= TEAM ======= Oettingenstr. 67, 80538 Munich, Germany
> Munich Network Management Team Room D01,Phone +49-89-2178-2155,Fax-2262
> Muenchner Netz-Management Team email: hauck at informatik.uni-muenchen.de
--
Todd Pfaff \ Email: pfaff at mcmaster.ca
Computing and Information Services \ Voice: (905) 525-9140 x22920
ABB 132 \ FAX: (905) 528-3773
McMaster University \
Hamilton, Ontario, Canada L8S 4M1 \
More information about the samba
mailing list