[Samba] Desperate! passwd sync problem...please help!

Ulrich Kohlhase Ulrich.Kohlhase at t-online.de
Sun Mar 23 17:52:14 GMT 2003

> After the 15-20 sec wait smbpasswd eventually returns stating,
> "Password changed for user sc". The thing is that neither the samba
> or the system passwd is changed, and whats more, the system passwd
> command is still running in the background until I kill it manually.

Did you try to change the user's password in a linux terminal first? Please
note that the Samba password change fails if the Linux password change
failed before. This is by design and documented in the "passwd program"
section of the smb.conf doc.

> obey pam restrictions = yes

Do you have any PAM restrictions on password length or password quality set?
We don't have Samba's PAM support enabled and I'm no PAM expert either but
this may be worth looking at.

>         passwd chat debug = yes
>         passwd program = /usr/bin/passwd %u
>         passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
> *Retype\snew\sUNIX\spassword:* %n\n

Does the "passwd chat" string *exactly* match the messages you get when
changing a password on the console? You have "passwd chat debug" enabled, so
what does the logging output show you?

If you still can't get the password sync working, you could use a wrapper
script to do the Linux password synchronisation. We use this small Perl
script to do the pass change and some logging (see the comments and
necessary changes):

# in smb.conf:
#       encrypt passwords = Yes
#       passwd program = /path/to/samba/scripts/chgpasswd.pl %u %n
#       passwd chat = .
#       unix password sync = Yes
# touch /path/to/samba/logs/log.pass
# in /path/to/samba/source/smbd/chgpasswd.c:
#       after the line 'pstring_sub(passwordprogram, "%u", name);'
#       append
#       pstring_sub(passwordprogram, "%n", newpass);
use Time::localtime;

($username, $newpass) = @ARGV;

# Change the Linux password and do some logging:
my $tm = localtime();
$datestring = sprintf "%02d.%02d.%04d",$tm->mday, $tm->mon + 1, $tm->year +
$logdateiname = sprintf ">>/path/to/samba/logs/pass.log";

# change password in /etc/shadow without interaction:
        $cmdtext = sprintf "echo %s:%s | /usr/sbin/chpasswd", $username,
        $logtext = sprintf "User \"%s\" password changed",$username;
        open (logfile, $logdateiname);
        printf logfile  "%s - %02d:%02d:%02d : %s \n", $datestring,
$tm->hour, $tm->min, $tm->sec, $logtext;
        close logfile;

# change NIS DB
#       $cmdtext = sprintf "make -C /var/yp >> /dev/null";
#       system($cmdtext);

Good luck,

More information about the samba mailing list