[Samba] Samba PDC passwd update to NIS server

[Leroy van Logchem]

Hello,

After some difficulties my samba pdc users can change there smbpasswd and unix nis password in one go.
(They just use the ctrl-alt-del change passwd.)

My setup:

A samba pdc running on host x (sunos) (Serving 3 TB, 500 users)
A YP NIS password server running on host y (sunos)

The lines in smb.conf for this:

...
passwd program = /samba/tools/changepasswd.exp %u
passwd chat = *new* %n\n *OK* *OK*
...

The needed changepasswd.exp script:
---
#!/app/expect/bin/expect -f
set ypserver "toor@<change to fit your system>"
set ssh "/usr/local/bin/ssh"
set passwd "/usr/bin/passwd"

# Don't change below

set force_conservative 1  ;# set to 1 to force conservative mode even if
                          ;# script wasn't run conservatively originally
if {$force_conservative} {
        set send_slow {1 .1}
        proc send {ignore arg} {
                sleep .1
                exp_send -s -- $arg
        }
}

set timeout -1
set username [lindex $argv 0]
send_user "new"
system stty echo
expect_user -re "(.*)\n"
set password $expect_out(1,string)
send_user "OK\n"
log_user 0
spawn $ssh $ypserver
expect "<change to fit your system> :"
send -- "passwd $username\r"
expect -exact "passwd $username\r
New password: "
send -- "$password\r"
expect -exact "\r
Re-enter new password: "
send -- "$password\r"
expect -exact "\r
NIS passwd/attributes changed on <change to fit your system>\r"
expect "<change to fit your system> :"
send -- "exit\r"
log_user 1
send_user "OK\n"
log_user 0
expect eof
---

Requirements:

1 root user account without too much stuff during the login
1 install of expect ( http://expect.nist.gov/ )
1 install of tcl ( http://www.tcl.tk/ )
1 install of ssh or any other remote shell thingy

Goodluck,

***************************************************
Leroy R. van Logchem
IT Specialist / UNIX Admin, AUT
***************************************************
-------------- next part --------------
HTML attachment scrubbed and removed