[Samba] Can not add users to samba 3.0

rruegner robowarp at gmx.de
Sun Nov 16 21:37:31 GMT 2003 

smbpasswd -m -a gerard will create a machine account called gerard$
the $ means this is a machine
smbpasswd -a gerard will create a user  gerard in your smbpasswd file
for using this passwd feature a system user has to be created before
i.e. useradd -a gerard
you can do this by using new smb.conf parameters, check man smb.conf
here you have an example for a smb.conf for suse samba 3 as pdc
#

# Generated by
/usr/share/doc/packages/samba3/examples/misc/modify_samba_config.pl

#

[global]

browseable = no

largereadwrite = yes

passwdprogram = /usr/bin/passwd %u

logonscript = login.bat

logonhome = \\%L\%u

bindinterfacesonly = Yes

netbiosname = musi

nameresolveorder = wins bcast hosts

addsharecommand =
/usr/share/doc/packages/samba3/examples/misc/modify_samba_config.pl

ntaclsupport = yes

deletesharecommand =
/usr/share/doc/packages/samba3/examples/misc/modify_samba_config.pl

usernamemap = /etc/samba/smbusers

idmapuid = 15000-20000

winshook = /usr/share/doc/packages/samba3/examples/wins_hook/dns_update

addmachinescript = /usr/sbin/useradd -g Machines -c Machine -d /dev/null -s
/bin/false %u

hostmsdfs = Yes

printcapname = cups

deleteuserscript = /usr/sbin/userdel -r %u

domainlogons = yes

shutdownscript = /sbin/shutdown

logfile = /var/log/samba/%m

socketoptions = TCP_NODELAY SO_KEEPALIVE SO_SNDBUF

winsproxy = Yes

logondrive = Z:

addusertogroupscript = /usr/bin/gpasswd -a %u %g

workgroup = MUSI

pampasswordchange = Yes

idmapgid = 15000-20000

domainmaster = yes

adminusers = root, Administrator

timeserver = yes

ldapssl = no

displaycharset = ISO8859-1

addgroupscript = /usr/sbin/groupadd -r %g

abortshutdownscript = /sbin/shutdown -c

deleteuserfromgroupscript = /usr/bin/gpasswd -d %u %g

vetofiles =
/*.eml/*.nws/riched20.dll/*.{*}/.AppleDouble/.bin/.AppleDesktop/Network
Trash Folder/.*/

delete veto files = yes

loglevel = 2

adduserscript = /usr/sbin/useradd -m %u

hidedotfiles = yes

setprimarygroupscript = /usr/sbin/usermod -g '%g' '%u'

usesendfile = Yes

unixcharset = ISO8859-1

interfaces = lo, eth1, eth2

hidefiles = /.*/DesktopFolderDB/TrashFor%m/resource.frk/

hostsallow = 127., 10.10.10.

keepalive = 255

passdbbackend = smbpasswd:/etc/samba/smbpasswd, guest

deletegroupscript = /usr/sbin/groupdel %g

loadprinters = No

serverschannel = Yes

localmaster = yes

unixpasswordsync = Yes

winssupport = Yes

logonpath = \\%L\%U\profile

passwdchat = *password* %n\n *password* %n\n *changed*

changesharecommand =
/usr/share/doc/packages/samba3/examples/misc/modify_samba_config.pl

doscharset = CP850

syslog = 0

utmp = Yes

oslevel = 255

vfs object = vscan-fprotd netatalk audit recycle:repository recycle:keeptree
recycle:versions

## Section - [files]

[files]

readonly = No

cscpolicy = disable

comment = public files

browseable = yes

writeable = yes

path = /files/pub

guestok = yes

vfs object = vscan-fprotd netatalk audit recycle:repository recycle:keeptree
recycle:versions

## Section - [homes]

[homes]

readonly = No

comment = Home Directories

browseable = No

cscpolicy = disable

guest ok = No

vfs object = vscan-fprotd netatalk audit recycle:repository recycle:keeptree
recycle:versions

## Section - [netlogon]

[netlogon]

sharemodes = No

rootpreexec = /var/lib/samba/netlogon/login.pl %U %G %m %L

comment = Netlogon Share

browseable = No

path = /var/lib/samba/netlogon

guestok = Yes

writelist = @ntadmin

locking = no

public = no

cscpolicy = disable

vfs object = vscan-fprotd netatalk audit recycle:repository recycle:keeptree
recycle:versions

## Section - [smbmonitor]

[smbmonitor]

readonly = No

cscpolicy = disable

comment = security smb logs

browseable = no

writeable = yes

path = /smbmonitor

guestok = yes

vfs object = vscan-fprotd netatalk audit recycle:repository recycle:keeptree
recycle:versions

## Section - [wincd]

[wincd]

readonly = No

cscpolicy = disable

comment = security smb logs

browseable = no

path = /wincd/win2k/mnt

writelist = @ntadmin

guestok = yes

vfs object = vscan-fprotd netatalk audit recycle:repository recycle:keeptree
recycle:versions



##########################################################

#use this if you want profiles in a seperate share

#[profiles]

# comment = Roaming Profile Share

# path = /files/profiles

# read only = No

# browseable = No









#

# end of generated smb.conf

#

Best Regards
----- Original Message ----- 
From: "lovswr1" <lovswr1 at earthlink.net>
To: "samba" <samba at lists.samba.org>
Sent: Sunday, November 16, 2003 7:14 PM
Subject: [Samba] Can not add users to samba 3.0


> Hello, I can not seem to get smbpsswd to add any users to samba.  No
> matter if I use the CLI, the Webmin module or SWAT I always get this
> response when trying to add any user
>
> [root at matrix1 samba]# smbpasswd -m -a gerard
> Failed initialise SAM_ACCOUNT for user gerard$.
> Failed to modify password entry for user gerard$
>
>
> I take it this has somehting to do with PAM & or shadow passwords, & I
> have been lookig for a about a week & the best that I can find anything
> related to this 'SAM_ACCOUNT' that resembles my problem, is that I need
> to make sure that ./configure (I have no idea which ./confiugure it is
> although I suspect that it is the one from a manual build of samba.
> Since mine was installed along wtih a bunch of other stuff when I
> upgraded from RH9 to fedore core 1, I have no idea where it might be)
> has PAM & or shadow options enabled.  Any help in this matter would be
> greatly appreciated.
>
>
> # Global parameters
> [global]
> encrypt passwords = yes
> unix password sync = yes
> security = SHARE
> preferred master = Yes
> log file = /var/log/samba/%m.log
> passwd chat = *New*password* %n\n *Retype*new*password* %n\n
> *passwd:*all*authentication*tokens*updated*successfully*
> server string = Samba Server
> pam password change = Yes
> passwd program = /usr/bin/passwd %u
> socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
> dns proxy = No
> workgroup = MATRIX
> ldap ssl = no
> valid users = gerard, lovswr, marlene, vswr
> max log size = 0
> printing = cups
> hosts allow = pc2, freebsd, matrix1
> guest account =
>
> [homes]
> comment = Home Directories
> path = /home/public
> read only = No
> create mask = 0664
> directory mask = 0775
> guest ok = Yes
>
> [printers]
> comment = All Printers
> path = /var/spool/samba
> printable = Yes
> browseable = No
>
>
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
>
>

More information about the samba mailing list