[Samba] Can not add users to samba 3.0

lovswr1 lovswr1 at earthlink.net
Sun Nov 16 23:53:03 GMT 2003


On Sun, 2003-11-16 at 17:47, John H Terpstra wrote:
> On Sun, 16 Nov 2003, lovswr1 wrote:
> 
> This is the ugliest smb.conf file I have seen for a long time!
> Besides, it can not work at all. The workgroup name and the netbios name
> (machine name) are the same.
My smb.conf is at the very bottom.  Its only about 20 lines, & the
workgroup name is matrix & the machine name is matrix1. I think you are
looking at the smb.conf that rruegner wrote. 

 Furtehrmore Mr I-know-everything I have RTFM MFT's!!  I suspect that
the people who wrote it are native english speakers, but they could not
adequately convey how to bag groceries.  My milage is, in Linux when I
finally find out how to do something it almost never has anything to do
with RTFM.  Apparently the SAMBA peeps have completely changed the
authentication procedures because they thought it would be easier
(NOT!!) to configure.  Apparently the docs, man pages etc. are just as
cryptic as all such things are. 

While I'm ranting here, what in God's name is this obsession in the *nix
world with security.  All I want to do is connect 2 pc's that are about
20 inches from each other.  I could care less if the whole freaken'
world knows about it. 

 At the very least it is poor form to proffer help & then berate the
asker!
> 
> I strongly recommend that you read the Samba-HOWTO-Collection.pdf
> You can obtain it from:
> http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf
> 
> Also, strongly suggest you use the SWAT Wizard to configure your system.
> 
> Cheers,
> John T.
> 
> 
> > On Sun, 2003-11-16 at 16:37, rruegner wrote:
> > > smbpasswd -m -a gerard will create a machine account called gerard$
> > > the $ means this is a machine
> > > smbpasswd -a gerard will create a user  gerard in your smbpasswd file
> > > for using this passwd feature a system user has to be created before
> > > i.e. useradd -a gerard
> > > you can do this by using new smb.conf parameters, check man smb.conf
> > > here you have an example for a smb.conf for suse samba 3 as pdc
> >
> > Yes I have the users added to the linux box itself, just whenever I do
> > smbpasswd -a username I always get that error about the SAM-ACCOUNT not
> > being initialized.
> > > #
> > >
> > > # Generated by
> > > /usr/share/doc/packages/samba3/examples/misc/modify_samba_config.pl
> > >
> > > #
> > >
> > > [global]
> > >
> > > browseable = no
> > >
> > > largereadwrite = yes
> > >
> > > passwdprogram = /usr/bin/passwd %u
> > >
> > > logonscript = login.bat
> > >
> > > logonhome = \\%L\%u
> > >
> > > bindinterfacesonly = Yes
> > >
> > > netbiosname = musi
> > >
> > > nameresolveorder = wins bcast hosts
> > >
> > > addsharecommand =
> > > /usr/share/doc/packages/samba3/examples/misc/modify_samba_config.pl
> > >
> > > ntaclsupport = yes
> > >
> > > deletesharecommand =
> > > /usr/share/doc/packages/samba3/examples/misc/modify_samba_config.pl
> > >
> > > usernamemap = /etc/samba/smbusers
> > >
> > > idmapuid = 15000-20000
> > >
> > > winshook = /usr/share/doc/packages/samba3/examples/wins_hook/dns_update
> > >
> > > addmachinescript = /usr/sbin/useradd -g Machines -c Machine -d /dev/null -s
> > > /bin/false %u
> > >
> > > hostmsdfs = Yes
> > >
> > > printcapname = cups
> > >
> > > deleteuserscript = /usr/sbin/userdel -r %u
> > >
> > > domainlogons = yes
> > >
> > > shutdownscript = /sbin/shutdown
> > >
> > > logfile = /var/log/samba/%m
> > >
> > > socketoptions = TCP_NODELAY SO_KEEPALIVE SO_SNDBUF
> > >
> > > winsproxy = Yes
> > >
> > > logondrive = Z:
> > >
> > > addusertogroupscript = /usr/bin/gpasswd -a %u %g
> > >
> > > workgroup = MUSI
> > >
> > > pampasswordchange = Yes
> > >
> > > idmapgid = 15000-20000
> > >
> > > domainmaster = yes
> > >
> > > adminusers = root, Administrator
> > >
> > > timeserver = yes
> > >
> > > ldapssl = no
> > >
> > > displaycharset = ISO8859-1
> > >
> > > addgroupscript = /usr/sbin/groupadd -r %g
> > >
> > > abortshutdownscript = /sbin/shutdown -c
> > >
> > > deleteuserfromgroupscript = /usr/bin/gpasswd -d %u %g
> > >
> > > vetofiles =
> > > /*.eml/*.nws/riched20.dll/*.{*}/.AppleDouble/.bin/.AppleDesktop/Network
> > > Trash Folder/.*/
> > >
> > > delete veto files = yes
> > >
> > > loglevel = 2
> > >
> > > adduserscript = /usr/sbin/useradd -m %u
> > >
> > > hidedotfiles = yes
> > >
> > > setprimarygroupscript = /usr/sbin/usermod -g '%g' '%u'
> > >
> > > usesendfile = Yes
> > >
> > > unixcharset = ISO8859-1
> > >
> > > interfaces = lo, eth1, eth2
> > >
> > > hidefiles = /.*/DesktopFolderDB/TrashFor%m/resource.frk/
> > >
> > > hostsallow = 127., 10.10.10.
> > >
> > > keepalive = 255
> > >
> > > passdbbackend = smbpasswd:/etc/samba/smbpasswd, guest
> > >
> > > deletegroupscript = /usr/sbin/groupdel %g
> > >
> > > loadprinters = No
> > >
> > > serverschannel = Yes
> > >
> > > localmaster = yes
> > >
> > > unixpasswordsync = Yes
> > >
> > > winssupport = Yes
> > >
> > > logonpath = \\%L\%U\profile
> > >
> > > passwdchat = *password* %n\n *password* %n\n *changed*
> > >
> > > changesharecommand =
> > > /usr/share/doc/packages/samba3/examples/misc/modify_samba_config.pl
> > >
> > > doscharset = CP850
> > >
> > > syslog = 0
> > >
> > > utmp = Yes
> > >
> > > oslevel = 255
> > >
> > > vfs object = vscan-fprotd netatalk audit recycle:repository recycle:keeptree
> > > recycle:versions
> > >
> > > ## Section - [files]
> > >
> > > [files]
> > >
> > > readonly = No
> > >
> > > cscpolicy = disable
> > >
> > > comment = public files
> > >
> > > browseable = yes
> > >
> > > writeable = yes
> > >
> > > path = /files/pub
> > >
> > > guestok = yes
> > >
> > > vfs object = vscan-fprotd netatalk audit recycle:repository recycle:keeptree
> > > recycle:versions
> > >
> > > ## Section - [homes]
> > >
> > > [homes]
> > >
> > > readonly = No
> > >
> > > comment = Home Directories
> > >
> > > browseable = No
> > >
> > > cscpolicy = disable
> > >
> > > guest ok = No
> > >
> > > vfs object = vscan-fprotd netatalk audit recycle:repository recycle:keeptree
> > > recycle:versions
> > >
> > > ## Section - [netlogon]
> > >
> > > [netlogon]
> > >
> > > sharemodes = No
> > >
> > > rootpreexec = /var/lib/samba/netlogon/login.pl %U %G %m %L
> > >
> > > comment = Netlogon Share
> > >
> > > browseable = No
> > >
> > > path = /var/lib/samba/netlogon
> > >
> > > guestok = Yes
> > >
> > > writelist = @ntadmin
> > >
> > > locking = no
> > >
> > > public = no
> > >
> > > cscpolicy = disable
> > >
> > > vfs object = vscan-fprotd netatalk audit recycle:repository recycle:keeptree
> > > recycle:versions
> > >
> > > ## Section - [smbmonitor]
> > >
> > > [smbmonitor]
> > >
> > > readonly = No
> > >
> > > cscpolicy = disable
> > >
> > > comment = security smb logs
> > >
> > > browseable = no
> > >
> > > writeable = yes
> > >
> > > path = /smbmonitor
> > >
> > > guestok = yes
> > >
> > > vfs object = vscan-fprotd netatalk audit recycle:repository recycle:keeptree
> > > recycle:versions
> > >
> > > ## Section - [wincd]
> > >
> > > [wincd]
> > >
> > > readonly = No
> > >
> > > cscpolicy = disable
> > >
> > > comment = security smb logs
> > >
> > > browseable = no
> > >
> > > path = /wincd/win2k/mnt
> > >
> > > writelist = @ntadmin
> > >
> > > guestok = yes
> > >
> > > vfs object = vscan-fprotd netatalk audit recycle:repository recycle:keeptree
> > > recycle:versions
> > >
> > >
> > >
> > > ##########################################################
> > >
> > > #use this if you want profiles in a seperate share
> > >
> > > #[profiles]
> > >
> > > # comment = Roaming Profile Share
> > >
> > > # path = /files/profiles
> > >
> > > # read only = No
> > >
> > > # browseable = No
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > > #
> > >
> > > # end of generated smb.conf
> > >
> > > #
> > >
> > > Best Regards
> > > ----- Original Message -----
> > > From: "lovswr1" <lovswr1 at earthlink.net>
> > > To: "samba" <samba at lists.samba.org>
> > > Sent: Sunday, November 16, 2003 7:14 PM
> > > Subject: [Samba] Can not add users to samba 3.0
> > >
> > >
> > > > Hello, I can not seem to get smbpsswd to add any users to samba.  No
> > > > matter if I use the CLI, the Webmin module or SWAT I always get this
> > > > response when trying to add any user
> > > >
> > > > [root at matrix1 samba]# smbpasswd -m -a gerard
> > > > Failed initialise SAM_ACCOUNT for user gerard$.
> > > > Failed to modify password entry for user gerard$
> > > >
> > > >
> > > > I take it this has somehting to do with PAM & or shadow passwords, & I
> > > > have been lookig for a about a week & the best that I can find anything
> > > > related to this 'SAM_ACCOUNT' that resembles my problem, is that I need
> > > > to make sure that ./configure (I have no idea which ./confiugure it is
> > > > although I suspect that it is the one from a manual build of samba.
> > > > Since mine was installed along wtih a bunch of other stuff when I
> > > > upgraded from RH9 to fedore core 1, I have no idea where it might be)
> > > > has PAM & or shadow options enabled.  Any help in this matter would be
> > > > greatly appreciated.
> > > >
> > > >
> > > > # Global parameters
> > > > [global]
> > > > encrypt passwords = yes
> > > > unix password sync = yes
> > > > security = SHARE
> > > > preferred master = Yes
> > > > log file = /var/log/samba/%m.log
> > > > passwd chat = *New*password* %n\n *Retype*new*password* %n\n
> > > > *passwd:*all*authentication*tokens*updated*successfully*
> > > > server string = Samba Server
> > > > pam password change = Yes
> > > > passwd program = /usr/bin/passwd %u
> > > > socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
> > > > dns proxy = No
> > > > workgroup = MATRIX
> > > > ldap ssl = no
> > > > valid users = gerard, lovswr, marlene, vswr
> > > > max log size = 0
> > > > printing = cups
> > > > hosts allow = pc2, freebsd, matrix1
> > > > guest account =
> > > >
> > > > [homes]
> > > > comment = Home Directories
> > > > path = /home/public
> > > > read only = No
> > > > create mask = 0664
> > > > directory mask = 0775
> > > > guest ok = Yes
> > > >
> > > > [printers]
> > > > comment = All Printers
> > > > path = /var/spool/samba
> > > > printable = Yes
> > > > browseable = No
> > > >
> > > >
> > > > --
> > > > To unsubscribe from this list go to the following URL and read the
> > > > instructions:  http://lists.samba.org/mailman/listinfo/samba
> > > >
> > > >
> > >
> >
> >




More information about the samba mailing list