undesired root password change
git at meaford.com
Mon Mar 26 10:46:18 GMT 2001
You seem to be missing some lines in your Security Section. I'm pasting
the following from my smb.conf. Again, is is from a Linux system, you may
need to adjust slightly for BSD.
# The following are needed to allow password changing from Windows to
# update the Linux sytsem password also.
# NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above.
# NOTE2: You do NOT need these to allow workstations to change only
# the encrypted SMB passwords. They allow the Unix password
# to be kept in sync with the SMB password.
; unix password sync = Yes ; passwd program = /usr/bin/passwd %u
; passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n
Note, the above two lines are all 1 line.
On Mon, 26 Mar 2001, Jeroen Heijungs wrote:
> After I have found the solutions for the login troubles, I have stumbled
> upon the next rather annoying problem, perhaps hav I done something very
> wrong, but if someone knows anything about the following then please...
> Samba 2.0.7 on FreeBSD 4.2-stable
> Windows 95 workstations
> I used plaintext password, everything OK.
> When I put the parm "encrypt passwords = true", no one can login, until I
> add a user with the smbpasswd -a option.
> Now I want to change the password for the user, in Windows I do this in
> Configuration, and all goes well, I can login again with te new password,
> but not with the old one.
> So far so good.
> BUT now the horror: when I try (on the BSD box) to su myself to root, it
> keeps on saying that the password is wrong, but I have not changed the
> password so far I know. It turns out that the root password is changed to
> the new password for the user above, I have examined this a little bit and
> found out that when changing the password in Windows, the corresponding
> password in the smbpasswd file is being changed accordingly, BUT NOT THE
> PASSWORD FOR THE UNIX-USER, INSTEAD THE PASSWORD FOR ROOT IS BEING CHANGED!!!
> My question: is this a known behaviour? is this a real security bug, have I
> done something wrong or overlooked something?
> BTW isn't there an option to force periodic password change?
> thanks in advance
> Jeroen Heijungs
> Het Muziektheater
> Amsterdam, The Netherlands
> My SMB.CONF
> workgroup = LICHT
> netbios name = LICHTSERVER
> server string = TEST %L (Samba %v)
> domain logons = Yes
> os level = 33
> logon script = %g\smblogin.bat
> # Netwerkopties
> interfaces = 172.22.1.1/16 172.20.1.14/16
> socket options = TCP_NODELAY SO_KEEPALIVE IPTOS_LOWDELAY
> # Security
> invalid users = root
> security = user
> min password length = 5
> unix password sync = Yes
> encrypt passwords = true
> smb passwd file = /usr/local/private/smbpasswd
> hosts allow = 172.22. 172.20.1.12 172.20.3.26 localhost
> # File system rechten
> inherit permissions = yes
> map archive = no
> # Logging
> log file = /var/log/log.%m
> max log size = 1024
> debug uid = Yes
> log level = 1
> # Printing
> load printers = No
> To unsubscribe from this list go to the following URL and read the
> instructions: http://lists.samba.org/mailman/listinfo/samba
More information about the samba