No subject
Mon Dec 1 11:34:25 GMT 2003
works with plaintext passwords (as fallback) NT4.0 incl. servicepack refuses
to work (you may recognize this behaviour by repeating entering the login
and the password a couple of times. Then you will be able to mount a share).
(more on this topic in /usr/doc/packages/samba/ ENCRYPTION.txt).
Solution:
Well, either you may convince NT via its Windows registry to use plaintext
passwords
There is a script in the samba source package called mksmbpasswd.sh. This is
for creating a "special" password file out of the existing one.
mksmbpasswd.sh:
#!/bin/sh
awk 'BEGIN {FS=":"
printf("#\n# SMB password file.\n#\n")
}
{ printf(
"%s:%s:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:%s:
%s:%s\n", $1, $3, $5, $6, $7) }
'
Example:
cat /etc/passwd | mksmbpasswd.sh > /etc/smbpasswd, or
ypcat passwd | mksmbpasswd.sh > /etc/smbpasswd on a NIS server, or client,
respectively.
Thereafter you have to set the permissions of this file: chmod 600
/etc/smbpasswd.
Furthermore be aware that /etc/smbpasswd has been set by default by S.u.S.E.
Well, after a /etc/smbpasswd has been generated a password a user has to be
created. This is done by smbpasswd. If any user may do this the SETUID bit
has to be set (chmod u+s /usr/bin/smbpasswd). Otherwise only root will be
able to change passwords.
Now you have to extend /etc/smb.conf (in global section):
encrypt passwords = yes
If there is more than one samba machine attached it is not necessary to do
so on every machine. Samba is able to get the passwords from another machine
be it an NT server or some other host. To activate this switch you will have
to enter the following lines in the global section:
security = server
password server = YOURSERVER
Make sure that 'YOURSERVER' is the NetBIOS name of the server (NetBIOS and
DNS may differ). NetBIOS names are restricted to a maximum of 15 letters. Of
course you may not enter the options given above on the server itself. This
would create an endless loop.
Important:
Please use an actual samba version (at least ersion 1.9.18p2)!
_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com
More information about the samba
mailing list