[Samba] Re: Password Syncing
Stephen Le
zeroion at gmail.com
Wed Aug 25 20:48:14 GMT 2004
On Mon, 16 Aug 2004 10:23:53 +0200, Ulf Dettmer
<ulf.dettmer at imk.fraunhofer.de> wrote:
> Hi,
> the file you need to modify is /etc/pam.d/passwd . You should include a
> line like this:
> password required pam_smbpass.so use_authtok use_first_pass
> smbconf=/etc/samba/smb.conf
> cheers, Ulf
Thanks for your reply. Sorry for the delay, but I was testing your suggestion.
I'm running Debian Sarge, and I placed your suggested line at the end
of /etc/pam.d/passwd. It works fine, for the most part, but there's
two critical bugs:
1) On my system, passwords are checked for strength. So, if a user
attempts to change their Linux account password to a weak password,
passwd will reject the weak password and prompt the user for a new
one.
For some reason, even if the new password is rejected by passwd, the
user's smbpasswd is changed. This is a big issue, as the two passwords
will become out of sync and users will be unable to change their
password (since they have to verify their password first).
2) Adding a new user fails because the new user is not already in
Samba's password database.
If you could provide a fix, or more information, I'd be really thankful.
My configuration files follow:
/etc/pam.d/passwd:
@include common-password
password required pam_smbpass.so use_authtok use_first_pass
smbconf=/etc/samba/smb.conf
/etc/pam.d/common-password:
password required pam_unix.so nullok obscure min=4 max=8 md5
-Stephen Le
More information about the samba
mailing list