[Samba] Can not add users to samba 3.0

John H Terpstra jht at samba.org
Sun Nov 16 22:44:12 GMT 2003 

On Sun, 16 Nov 2003, lovswr1 wrote:

> Hello, I can not seem to get smbpsswd to add any users to samba.  No
> matter if I use the CLI, the Webmin module or SWAT I always get this
> response when trying to add any user
>
> [root at matrix1 samba]# smbpasswd -m -a gerard
> Failed initialise SAM_ACCOUNT for user gerard$.
> Failed to modify password entry for user gerard$
>
> I take it this has somehting to do with PAM & or shadow passwords, & I
> have been lookig for a about a week & the best that I can find anything
> related to this 'SAM_ACCOUNT' that resembles my problem, is that I need
> to make sure that ./configure (I have no idea which ./confiugure it is
> although I suspect that it is the one from a manual build of samba.
> Since mine was installed along wtih a bunch of other stuff when I
> upgraded from RH9 to fedore core 1, I have no idea where it might be)
> has PAM & or shadow options enabled.  Any help in this matter would be
> greatly appreciated.
>
>
> # Global parameters
> [global]
> 	encrypt passwords = yes
> 	unix password sync = yes
> 	security = SHARE

Please make up your mind. Do you want encrypted passwords (the default on
Samba-3) and security=user (also the default on samba-3), or do you want
security=share?

Security=share means: use plain-text passwords.

> 	preferred master = Yes
> 	log file = /var/log/samba/%m.log
> 	passwd chat = *New*password* %n\n *Retype*new*password* %n\n
> *passwd:*all*authentication*tokens*updated*successfully*
> 	server string = Samba Server
> 	pam password change = Yes
> 	passwd program = /usr/bin/passwd %u
> 	socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
> 	dns proxy = No
> 	workgroup = MATRIX
> 	ldap ssl = no

Get rid of the 'ldap ssl' entry. It's not used in this config.

> 	valid users = gerard, lovswr, marlene, vswr

Do not use this in the global section, it will break browsing.

> 	max log size = 0
> 	printing = cups
> 	hosts allow = pc2, freebsd, matrix1

You need to allow the loopback adaptor also! ie:
hosts allow = pc2, freebsd, matrix1, lo

> 	guest account =

Either remove the 'guest account' entry, or else assign it to a valid
system account. If you remove this entry samba will fall back to the
default (nobody). In this case you must have an account in /etc/passwd
that is called 'nobody'.

>
> [homes]
> 	comment = Home Directories
> 	path = /home/public

Nope! the [homes] entry is a meta-service that makes home shares
available. Do not specify the path like this.

> 	read only = No
> 	create mask = 0664
> 	directory mask = 0775
> 	guest ok = Yes
>
> [printers]
> 	comment = All Printers
> 	path = /var/spool/samba
> 	printable = Yes
> 	browseable = No
>
>
>

-- 
John H Terpstra
Email: jht at samba.org

More information about the samba mailing list