No subject

Mon Dec 1 11:34:25 GMT 2003

works with plaintext passwords (as fallback) NT4.0 incl. servicepack refuses
to work (you may recognize this behaviour by repeating entering the login
and the password a couple of times. Then you will be able to mount a share).
(more on this topic in /usr/doc/packages/samba/ ENCRYPTION.txt).


Well, either you may convince NT via its Windows registry to use plaintext

There is a script in the samba source package called This is
for creating a "special" password file out of the existing one.

awk 'BEGIN {FS=":"
printf("#\n# SMB password file.\n#\n")
{ printf(
%s:%s\n", $1, $3, $5, $6, $7) }


cat /etc/passwd | > /etc/smbpasswd, or
ypcat passwd | > /etc/smbpasswd on a NIS server, or client,

Thereafter you have to set the permissions of this file: chmod 600
Furthermore be aware that /etc/smbpasswd has been set by default by S.u.S.E.
Well, after a /etc/smbpasswd has been generated a password a user has to be
created. This is done by smbpasswd. If any user may do this the SETUID bit
has to be set (chmod u+s /usr/bin/smbpasswd). Otherwise only root will be
able to change passwords.
Now you have to extend /etc/smb.conf (in global section):

encrypt passwords = yes

If there is more than one samba machine attached it is not necessary to do
so on every machine. Samba is able to get the passwords from another machine
be it an NT server or some other host. To activate this switch you will have
to enter the following lines in the global section:

security = server
password server = YOURSERVER

Make sure that 'YOURSERVER' is the NetBIOS name of the server (NetBIOS and
DNS may differ). NetBIOS names are restricted to a maximum of 15 letters. Of
course you may not enter the options given above on the server itself. This
would create an endless loop.

Please use an actual samba version (at least ersion 1.9.18p2)!

Do You Yahoo!?
Get your free address at

More information about the samba mailing list