[SAMBA] Samba/Linux - Password synchronization problem
John Benedetto
jbenedet at unm.edu
Tue Aug 13 05:25:01 GMT 2002
-On Tuesday, August 13, 2002 10:06 AM +0200 Rasmus Reinholdt Nielsen
<rasmus at narani.dk> wrote:
> Hi
>
> the " unix password sync = yes " works the other way around, meaning
> that when you change the unix password the samba one is also changed. I'm
> not sure you can do it the way you describe.
>
> Rasmus
Unless it's been changed since 2.0.10, the help screens on my swat say
different: They say that when the SMB password is changed, it changes the
Unix password as well...
"unix password sync (G)
This boolean parameter controls whether Samba attempts to synchronize the
UNIX password with the SMB password when the encrypted SMB password in the
smbpasswd file is changed. If this is set to true the program specified in
the "passwd program" parameter is called *AS ROOT* - to allow the new UNIX
password to be set without access to the old UNIX password (as the SMB
password has change code has no access to the old password cleartext, only
the new). By default this is set to "false". "
NOw, that might also list the solution for Slawek... you should NOT NEED
the %o substitution, because the passwd program is "called as root", so you
do not need the old password. That would mean that you need to do your
testing as root, and you *DO* need to change your password chat. Perhaps
you might want to play with the "password chat debug" setting, and see what
shows up in your logs (but don't forget to turn it off when you're done
testing!)
- john
>
>
> At 09:53 13-08-2002 +0200, Slawek W wrote:
>
>
>> hi, friends!
>>
>>
>> i have samba on mandrake.
>>
>> i want to set encrypted passwords for win98 winNT clients, and
>> also i want to set passwords synchronization to automatically
>> update a user's regular Unix password when the encrypted samba
>> password is changed on the system.
>> i can change user's passwords for samba but synchronization
>> doesn't work.
>>
>> here are some lines from my smb.conf and 'testparm'. what causes
>> the ERROR ???
>>
>> ----------------------------------------------------------------
>> ----------------------------------------------------------------
>>
>> Load smb config files from smb.conf
>> Processing section "[homes]"
>> Processing section "[test1]"
>> Processing section "[test2]"
>> Processing section "[test3]"
>> Processing section "[samba]"
>> Loaded services file OK.
>> ERROR: the 'passwd chat' script [*passw* %o\n *new*passw* %n\n
>> *new*passw* %n\n *success*] expects to use the old plaintext
>> password via the %o substitution. With encrypted passwords this
>> is not possible.
>> Press enter to see a dump of your service definitions
>>
>>
>> ;
>> ; ---------------------------------------------------------
>> ; [globals] Security and Domain Logon Services
>> ; ---------------------------------------------------------
>> ;
>> security = user
>> ;
>> encrypt passwords = yes
>> ;
>> password level = 1
>> ;
>> smb passwd file = /etc/samba/private/smbpasswd
>> ;
>> unix password sync = yes
>> ;
>> passwd program = /usr/bin/passwd %u
>> ;
>> passwd chat = *passw* %o\n *new*passw* %n\n *new*passw* %
>> n\n
>> *success*
>> ;
>> passwd chat debug = yes
>> ;
>> log level = 100
>> ;
>> guest account = nobody
>> ;
>> ----------------------------------------------------------------
>> ----------------------------------------------------------------
>>
>>
>>
>> i am sure that 'passwd chat' is ok. for my mandrake.
>>
>> slawek
>>
>>
>>
>>
>>
>> -----------------------------------------------------------------------
>> Kraków, Sopot, Zakopane, Hel - miasto na lato :-)
>> Zaprasza sieæ wakacyjnych serwisów informacyjnych <
>> http://naszemiasto.pl >
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: http://lists.samba.org/mailman/listinfo/samba
More information about the samba
mailing list