[Samba] mksmbpasswd.sh and passwd sync problems...
Buchan Milne
bgmilne at cae.co.za
Mon Jan 6 15:26:00 GMT 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> Message: 22
> Date: Sun, 5 Jan 2003 08:21:49 -0800
> From: "Bob" <Bob at yellowbugcomputers.com>
> Reply-To: <Bob at yellowbugcomputers.com>
> To: <samba at lists.samba.org>
> Subject: [Samba] mksmbpasswd.sh and passwd sync problems...
>
> Hello Everyone!
>
> I've spent quite a bit trying to get these shares to work just right.
> I'll past the output of my smb.conf at the end of this message. If
> anyone has any advice on this, that would be great.
>
> My first problem is that I'm trying to sync up my /etc/passwd with the
> /etc/samba/smbpasswd file. (I'm using Mandrake 9.0 and Samba
> 2.2.6-1.0.pre2.2.mdk.
There have been security updates to 2.2.7, but you may want to wait a
bit for 2.2.7a ...
> Mandrake puts the smbpasswd file in the
> /etc/samba directory. When I do this command
>
> cat /etc/passwd | mksmbpasswd.sh > /etc/samba/smbpasswd
>
> It does create a smbpasswd file. However, then None of the users can
> log in to the shares. I can log into the win98 client, and then see
> the user's home directory, the care directory, and the public
> directory but can't log in to them.
This command only makes an empty smbpassd file, which really serves no
purpose, you may as well just do:
# smbpasswd -a <user>
for each user
Why? The linux and windows password hashes are incompatible, the only
way to derive one from the other is to brute-force them. This is the
whole reason for the smbpasswd file.
>
> I've also tried to create the smbpasswd file with webmin, but that
> doesn't seem to work either, it gives me three options:
> For newly created users, set the password to 1. no password, 2.
> account locked, 3. use this password
>
> What if I want the same password as the linux password? argh!
You could use something like pam_smbpass so that if the linux password
is changed, that the samba password is also changed. Or, set it to a
known value and let the users change the samba password from windows. Or
authenticate all other linux services via pam_smb or pam_winbind ....
>
> The only way I can log into the shares is to actually create an
> individual password using smbpasswd -a username.
>
> What am I missing? I know I have successfully done this in the past?
You might want to tell us how ... unless it was using clear-text
passwords and hacking the registry on all the clients, and not being
able to do domain logons at all.
>
>
> When I do create the password with smbpasswd, I can log in
Log in how. Please be clear. Was this into windows? Which version?
, see the
> shares, and actually log in
Again, log in where?
>, but Ihave to enter in the password again
> to access the shares. Should I have to log in twice?
No, you shouldn't be prompted for a password on connecting to a samba
server using encrypted passwords if the username and password on the
client (what the user logged into windows with) match that of the server
>
> Sorry for the double questions, Any advice would be very much
appreciated.
>
> Thanks,
>
> Bob
>
> # Global parameters
> [global]
> workgroup = PARADISE
> netbios name = SERVER
> server string = Linux Server %v
> interfaces = 127.0.0.1, 192.168.0.254
> hosts allow = 192.168.0.
> security = SHARE
^^^^^^^^^^^^^^^^
You really should use 'security=user' here IMHO.
> encrypt passwords = Yes
> passwd program = /usr/bin/passwd %u
> passwd chat = *New*UNIX*password* %n\n
*ReType*new*UNIX*password* %n\n
> unix password sync = Yes
> log file = /var/log/samba/log.%m
> max log size = 50
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> printcap name = lpstat
> dns proxy = No
> printing = cups
> wins support = yes
> os level = 65
> local master = yes
> domain master = yes
> preferred master = yes
>
> [homes]
> comment = Home Directory
> read only = No
> browseable = No
>
> [printers]
> comment = All Printers
> path = /var/spool/samba
> create mask = 0700
> guest ok = Yes
> printable = Yes
> print command = lpr-cups -P %p %s
> # using cups own drivers (use generic PostScript on clients).
> lpq command = lpstat -o %p
> lprm command = cancel %p-%j
> browseable = No
>
> [public]
> comment = Public Directory
> path = /home/samba/public
> write list = @staff
> guest ok = No
> read only = No
>
> [care]
> comment = Careware Data
> path = /home/samba/careware
> valid users = sara, jim, bob
> read only = No
> browseable = Yes
- --
|--------------Another happy Mandrake Club member--------------|
Buchan Milne Mechanical Engineer, Network Manager
Cellphone * Work +27 82 472 2231 * +27 21 8828820x121
Stellenbosch Automotive Engineering http://www.cae.co.za
GPG Key http://ranger.dnsalias.com/bgmilne.asc
1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE+GaEhrJK6UGDSBKcRAunTAJ9TvTfe9961Sl/qERIZnZ8hGw+NWACgv6SQ
LexfbQUKJ+89Bcc2ibZm9bc=
=J3gY
-----END PGP SIGNATURE-----
More information about the samba
mailing list