[SAMBA] Samba/Linux - Password synchronization problem

John Benedetto jbenedet at unm.edu
Tue Aug 13 05:25:01 GMT 2002


-On Tuesday, August 13, 2002 10:06 AM +0200 Rasmus Reinholdt Nielsen 
<rasmus at narani.dk> wrote:

> Hi
>
> the "  unix password sync = yes " works the other way around, meaning
> that when you change the unix password the samba one is also changed. I'm
> not sure you can do it the way you describe.
>
> Rasmus

Unless it's been changed since 2.0.10, the help screens on my swat say 
different:  They say that when the SMB password is changed, it changes the 
Unix password as well...

"unix password sync (G)
This boolean parameter controls whether Samba attempts to synchronize the 
UNIX password with the SMB password when the encrypted SMB password in the 
smbpasswd file is changed. If this is set to true the program specified in 
the "passwd program" parameter is called *AS ROOT* - to allow the new UNIX 
password to be set without access to the old UNIX password (as the SMB 
password has change code has no access to the old password cleartext, only 
the new). By default this is set to "false". "

NOw, that might also list the solution for Slawek... you should NOT NEED 
the %o substitution, because the passwd program is "called as root", so you 
do not need the old password.  That would mean that you need to do your 
testing as root, and you *DO* need to change your password chat.  Perhaps 
you might want to play with the "password chat debug" setting, and see what 
shows up in your logs (but don't forget to turn it off when you're done 
testing!)

- john

>
>
> At 09:53 13-08-2002 +0200, Slawek W wrote:
>
>
>> hi, friends!
>>
>>
>> i have samba on mandrake.
>>
>> i want to set encrypted passwords for win98 winNT clients, and
>> also i want to set passwords synchronization to automatically
>> update a user's regular Unix password when the encrypted samba
>> password is changed on the system.
>> i can change user's passwords for samba but synchronization
>> doesn't work.
>>
>> here are some lines from my smb.conf and 'testparm'. what causes
>> the ERROR ???
>>
>> ----------------------------------------------------------------
>> ----------------------------------------------------------------
>>
>> Load smb config files from smb.conf
>> Processing section "[homes]"
>> Processing section "[test1]"
>> Processing section "[test2]"
>> Processing section "[test3]"
>> Processing section "[samba]"
>> Loaded services file OK.
>> ERROR: the 'passwd chat' script [*passw* %o\n *new*passw* %n\n
>> *new*passw* %n\n *success*] expects to use the old plaintext
>> password via the %o substitution. With encrypted passwords this
>> is not possible.
>> Press enter to see a dump of your service definitions
>>
>>
>> ;
>> ; ---------------------------------------------------------
>> ; [globals]      Security and Domain Logon Services
>> ; ---------------------------------------------------------
>> ;
>>     security = user
>> ;
>>     encrypt passwords = yes
>> ;
>>     password level = 1
>> ;
>>     smb passwd file = /etc/samba/private/smbpasswd
>> ;
>>     unix password sync = yes
>> ;
>>     passwd program = /usr/bin/passwd %u
>> ;
>>     passwd chat = *passw* %o\n *new*passw* %n\n *new*passw* %
>> n\n
>> *success*
>> ;
>>     passwd chat debug = yes
>> ;
>>     log level = 100
>> ;
>>     guest account = nobody
>> ;
>> ----------------------------------------------------------------
>> ----------------------------------------------------------------
>>
>>
>>
>> i am sure that 'passwd chat' is ok. for my mandrake.
>>
>> slawek
>>
>>
>>
>>
>>
>> -----------------------------------------------------------------------
>> Kraków, Sopot, Zakopane, Hel - miasto na lato :-)
>> Zaprasza sieæ wakacyjnych serwisów informacyjnych <
>> http://naszemiasto.pl >
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  http://lists.samba.org/mailman/listinfo/samba




More information about the samba mailing list