[Samba] Can not add users to samba 3.0

rruegner robowarp at gmx.de
Mon Nov 17 01:25:49 GMT 2003


RTFM MFT what kind of KUNG FU is that ? *rofl
my samba works very nice since 4 months, read the man files
 Best Regards
----- Original Message ----- 
From: "lovswr1" <lovswr1 at earthlink.net>
To: "John H Terpstra" <jht at samba.org>
Cc: "samba" <samba at lists.samba.org>
Sent: Monday, November 17, 2003 12:53 AM
Subject: Re: [Samba] Can not add users to samba 3.0


> On Sun, 2003-11-16 at 17:47, John H Terpstra wrote:
> > On Sun, 16 Nov 2003, lovswr1 wrote:
> >
> > This is the ugliest smb.conf file I have seen for a long time!
> > Besides, it can not work at all. The workgroup name and the netbios name
> > (machine name) are the same.
> My smb.conf is at the very bottom.  Its only about 20 lines, & the
> workgroup name is matrix & the machine name is matrix1. I think you are
> looking at the smb.conf that rruegner wrote.
>
>  Furtehrmore Mr I-know-everything I have RTFM MFT's!!  I suspect that
> the people who wrote it are native english speakers, but they could not
> adequately convey how to bag groceries.  My milage is, in Linux when I
> finally find out how to do something it almost never has anything to do
> with RTFM.  Apparently the SAMBA peeps have completely changed the
> authentication procedures because they thought it would be easier
> (NOT!!) to configure.  Apparently the docs, man pages etc. are just as
> cryptic as all such things are.
>
> While I'm ranting here, what in God's name is this obsession in the *nix
> world with security.  All I want to do is connect 2 pc's that are about
> 20 inches from each other.  I could care less if the whole freaken'
> world knows about it.
>
>  At the very least it is poor form to proffer help & then berate the
> asker!
> >
> > I strongly recommend that you read the Samba-HOWTO-Collection.pdf
> > You can obtain it from:
> > http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf
> >
> > Also, strongly suggest you use the SWAT Wizard to configure your system.
> >
> > Cheers,
> > John T.
> >
> >
> > > On Sun, 2003-11-16 at 16:37, rruegner wrote:
> > > > smbpasswd -m -a gerard will create a machine account called gerard$
> > > > the $ means this is a machine
> > > > smbpasswd -a gerard will create a user  gerard in your smbpasswd
file
> > > > for using this passwd feature a system user has to be created before
> > > > i.e. useradd -a gerard
> > > > you can do this by using new smb.conf parameters, check man smb.conf
> > > > here you have an example for a smb.conf for suse samba 3 as pdc
> > >
> > > Yes I have the users added to the linux box itself, just whenever I do
> > > smbpasswd -a username I always get that error about the SAM-ACCOUNT
not
> > > being initialized.
> > > > #
> > > >
> > > > # Generated by
> > > > /usr/share/doc/packages/samba3/examples/misc/modify_samba_config.pl
> > > >
> > > > #
> > > >
> > > > [global]
> > > >
> > > > browseable = no
> > > >
> > > > largereadwrite = yes
> > > >
> > > > passwdprogram = /usr/bin/passwd %u
> > > >
> > > > logonscript = login.bat
> > > >
> > > > logonhome = \\%L\%u
> > > >
> > > > bindinterfacesonly = Yes
> > > >
> > > > netbiosname = musi
> > > >
> > > > nameresolveorder = wins bcast hosts
> > > >
> > > > addsharecommand =
> > > > /usr/share/doc/packages/samba3/examples/misc/modify_samba_config.pl
> > > >
> > > > ntaclsupport = yes
> > > >
> > > > deletesharecommand =
> > > > /usr/share/doc/packages/samba3/examples/misc/modify_samba_config.pl
> > > >
> > > > usernamemap = /etc/samba/smbusers
> > > >
> > > > idmapuid = 15000-20000
> > > >
> > > > winshook =
/usr/share/doc/packages/samba3/examples/wins_hook/dns_update
> > > >
> > > > addmachinescript = /usr/sbin/useradd -g Machines -c Machine -d
/dev/null -s
> > > > /bin/false %u
> > > >
> > > > hostmsdfs = Yes
> > > >
> > > > printcapname = cups
> > > >
> > > > deleteuserscript = /usr/sbin/userdel -r %u
> > > >
> > > > domainlogons = yes
> > > >
> > > > shutdownscript = /sbin/shutdown
> > > >
> > > > logfile = /var/log/samba/%m
> > > >
> > > > socketoptions = TCP_NODELAY SO_KEEPALIVE SO_SNDBUF
> > > >
> > > > winsproxy = Yes
> > > >
> > > > logondrive = Z:
> > > >
> > > > addusertogroupscript = /usr/bin/gpasswd -a %u %g
> > > >
> > > > workgroup = MUSI
> > > >
> > > > pampasswordchange = Yes
> > > >
> > > > idmapgid = 15000-20000
> > > >
> > > > domainmaster = yes
> > > >
> > > > adminusers = root, Administrator
> > > >
> > > > timeserver = yes
> > > >
> > > > ldapssl = no
> > > >
> > > > displaycharset = ISO8859-1
> > > >
> > > > addgroupscript = /usr/sbin/groupadd -r %g
> > > >
> > > > abortshutdownscript = /sbin/shutdown -c
> > > >
> > > > deleteuserfromgroupscript = /usr/bin/gpasswd -d %u %g
> > > >
> > > > vetofiles =
> > > >
/*.eml/*.nws/riched20.dll/*.{*}/.AppleDouble/.bin/.AppleDesktop/Network
> > > > Trash Folder/.*/
> > > >
> > > > delete veto files = yes
> > > >
> > > > loglevel = 2
> > > >
> > > > adduserscript = /usr/sbin/useradd -m %u
> > > >
> > > > hidedotfiles = yes
> > > >
> > > > setprimarygroupscript = /usr/sbin/usermod -g '%g' '%u'
> > > >
> > > > usesendfile = Yes
> > > >
> > > > unixcharset = ISO8859-1
> > > >
> > > > interfaces = lo, eth1, eth2
> > > >
> > > > hidefiles = /.*/DesktopFolderDB/TrashFor%m/resource.frk/
> > > >
> > > > hostsallow = 127., 10.10.10.
> > > >
> > > > keepalive = 255
> > > >
> > > > passdbbackend = smbpasswd:/etc/samba/smbpasswd, guest
> > > >
> > > > deletegroupscript = /usr/sbin/groupdel %g
> > > >
> > > > loadprinters = No
> > > >
> > > > serverschannel = Yes
> > > >
> > > > localmaster = yes
> > > >
> > > > unixpasswordsync = Yes
> > > >
> > > > winssupport = Yes
> > > >
> > > > logonpath = \\%L\%U\profile
> > > >
> > > > passwdchat = *password* %n\n *password* %n\n *changed*
> > > >
> > > > changesharecommand =
> > > > /usr/share/doc/packages/samba3/examples/misc/modify_samba_config.pl
> > > >
> > > > doscharset = CP850
> > > >
> > > > syslog = 0
> > > >
> > > > utmp = Yes
> > > >
> > > > oslevel = 255
> > > >
> > > > vfs object = vscan-fprotd netatalk audit recycle:repository
recycle:keeptree
> > > > recycle:versions
> > > >
> > > > ## Section - [files]
> > > >
> > > > [files]
> > > >
> > > > readonly = No
> > > >
> > > > cscpolicy = disable
> > > >
> > > > comment = public files
> > > >
> > > > browseable = yes
> > > >
> > > > writeable = yes
> > > >
> > > > path = /files/pub
> > > >
> > > > guestok = yes
> > > >
> > > > vfs object = vscan-fprotd netatalk audit recycle:repository
recycle:keeptree
> > > > recycle:versions
> > > >
> > > > ## Section - [homes]
> > > >
> > > > [homes]
> > > >
> > > > readonly = No
> > > >
> > > > comment = Home Directories
> > > >
> > > > browseable = No
> > > >
> > > > cscpolicy = disable
> > > >
> > > > guest ok = No
> > > >
> > > > vfs object = vscan-fprotd netatalk audit recycle:repository
recycle:keeptree
> > > > recycle:versions
> > > >
> > > > ## Section - [netlogon]
> > > >
> > > > [netlogon]
> > > >
> > > > sharemodes = No
> > > >
> > > > rootpreexec = /var/lib/samba/netlogon/login.pl %U %G %m %L
> > > >
> > > > comment = Netlogon Share
> > > >
> > > > browseable = No
> > > >
> > > > path = /var/lib/samba/netlogon
> > > >
> > > > guestok = Yes
> > > >
> > > > writelist = @ntadmin
> > > >
> > > > locking = no
> > > >
> > > > public = no
> > > >
> > > > cscpolicy = disable
> > > >
> > > > vfs object = vscan-fprotd netatalk audit recycle:repository
recycle:keeptree
> > > > recycle:versions
> > > >
> > > > ## Section - [smbmonitor]
> > > >
> > > > [smbmonitor]
> > > >
> > > > readonly = No
> > > >
> > > > cscpolicy = disable
> > > >
> > > > comment = security smb logs
> > > >
> > > > browseable = no
> > > >
> > > > writeable = yes
> > > >
> > > > path = /smbmonitor
> > > >
> > > > guestok = yes
> > > >
> > > > vfs object = vscan-fprotd netatalk audit recycle:repository
recycle:keeptree
> > > > recycle:versions
> > > >
> > > > ## Section - [wincd]
> > > >
> > > > [wincd]
> > > >
> > > > readonly = No
> > > >
> > > > cscpolicy = disable
> > > >
> > > > comment = security smb logs
> > > >
> > > > browseable = no
> > > >
> > > > path = /wincd/win2k/mnt
> > > >
> > > > writelist = @ntadmin
> > > >
> > > > guestok = yes
> > > >
> > > > vfs object = vscan-fprotd netatalk audit recycle:repository
recycle:keeptree
> > > > recycle:versions
> > > >
> > > >
> > > >
> > > > ##########################################################
> > > >
> > > > #use this if you want profiles in a seperate share
> > > >
> > > > #[profiles]
> > > >
> > > > # comment = Roaming Profile Share
> > > >
> > > > # path = /files/profiles
> > > >
> > > > # read only = No
> > > >
> > > > # browseable = No
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > #
> > > >
> > > > # end of generated smb.conf
> > > >
> > > > #
> > > >
> > > > Best Regards
> > > > ----- Original Message -----
> > > > From: "lovswr1" <lovswr1 at earthlink.net>
> > > > To: "samba" <samba at lists.samba.org>
> > > > Sent: Sunday, November 16, 2003 7:14 PM
> > > > Subject: [Samba] Can not add users to samba 3.0
> > > >
> > > >
> > > > > Hello, I can not seem to get smbpsswd to add any users to samba.
No
> > > > > matter if I use the CLI, the Webmin module or SWAT I always get
this
> > > > > response when trying to add any user
> > > > >
> > > > > [root at matrix1 samba]# smbpasswd -m -a gerard
> > > > > Failed initialise SAM_ACCOUNT for user gerard$.
> > > > > Failed to modify password entry for user gerard$
> > > > >
> > > > >
> > > > > I take it this has somehting to do with PAM & or shadow passwords,
& I
> > > > > have been lookig for a about a week & the best that I can find
anything
> > > > > related to this 'SAM_ACCOUNT' that resembles my problem, is that I
need
> > > > > to make sure that ./configure (I have no idea which ./confiugure
it is
> > > > > although I suspect that it is the one from a manual build of
samba.
> > > > > Since mine was installed along wtih a bunch of other stuff when I
> > > > > upgraded from RH9 to fedore core 1, I have no idea where it might
be)
> > > > > has PAM & or shadow options enabled.  Any help in this matter
would be
> > > > > greatly appreciated.
> > > > >
> > > > >
> > > > > # Global parameters
> > > > > [global]
> > > > > encrypt passwords = yes
> > > > > unix password sync = yes
> > > > > security = SHARE
> > > > > preferred master = Yes
> > > > > log file = /var/log/samba/%m.log
> > > > > passwd chat = *New*password* %n\n *Retype*new*password* %n\n
> > > > > *passwd:*all*authentication*tokens*updated*successfully*
> > > > > server string = Samba Server
> > > > > pam password change = Yes
> > > > > passwd program = /usr/bin/passwd %u
> > > > > socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
> > > > > dns proxy = No
> > > > > workgroup = MATRIX
> > > > > ldap ssl = no
> > > > > valid users = gerard, lovswr, marlene, vswr
> > > > > max log size = 0
> > > > > printing = cups
> > > > > hosts allow = pc2, freebsd, matrix1
> > > > > guest account =
> > > > >
> > > > > [homes]
> > > > > comment = Home Directories
> > > > > path = /home/public
> > > > > read only = No
> > > > > create mask = 0664
> > > > > directory mask = 0775
> > > > > guest ok = Yes
> > > > >
> > > > > [printers]
> > > > > comment = All Printers
> > > > > path = /var/spool/samba
> > > > > printable = Yes
> > > > > browseable = No
> > > > >
> > > > >
> > > > > --
> > > > > To unsubscribe from this list go to the following URL and read the
> > > > > instructions:  http://lists.samba.org/mailman/listinfo/samba
> > > > >
> > > > >
> > > >
> > >
> > >
>
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
>




More information about the samba mailing list