[Samba] Passwords in 3.0.1rc3 and 3.0.4
Örn Hansen
orn.hansen at swipnet.se
Mon Jul 26 22:01:07 GMT 2004
lördag 24 juli 2004 12:20 skrev Andrew Bartlett:
>
> Are these passwords long, or non-ascii?
>
> Make sure the 'unix charset' is correctly set, and try Samba 3.0 SVN.
>
> Andrew Bartlett
Here is a copy of my smb.conf file ... I tried a few variants of the 'unix
charset' and ended up using the default (which I believe is UTF8 which I want
anyway). There are no non-ascii characters in the passwords, and the
passwords I've tried are 8 characters long. (policy is 6+).
[global]
log level = 3
# unix charset = UTF-8
dos charset = CP850
workgroup = <group>
realm = <domain>
server string = Linux SAMBA
interfaces = 127.0.0.1 <x.x.x.x>
bind interfaces only = true
printing = cups
printcap name = cups
load printers = yes
passdb backend = ldapsam
domain logons = yes
domain master = yes
local master = yes
os level = 65
logon path = \\<domain>\profiles\%u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n *changed*
passwd program = /usr/local/sbin/smbldap-passwd %u
add user script = /usr/local/sbin/smbldap-useradd -m "%u"
add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u"
"%g"
delete user from group script = /usr/local/sbin/smbldap-groupmod -x
"%u"
"%g"
set primary group script = /usr/local/sbin/smbldap-usermod -g "%g"
"%u"
#delete user script = /usr/local/sbin/smbldap-userdel "%u"
#delete group script = /usr/local/sbin/smbldap-groupdel "%g"
ldap passwd sync = yes
ldap suffix = ou=userbase,dc=<domain>,dc=<domain2>
ldap machine suffix = ou=Computers
ldap user suffix = ou=People
ldap group suffix = ou=Group
ldap idmap suffix = ou=Idmap
ldap admin dn = cn=Manager,dc=<domain>,dc=<domain2>
ldap filter = (cn=%u)
ldap ssl = start_tls
admin users = @"Domain Admins"
printer admin = @"Print Operators"
dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd
show add printer wizard = yes
preserve case = yes
short preserve case = yes
case sensitive = no
[homes]
comment = Home directories
read only = no
browseable = no
create mask = 0640
directory mask = 0750
[Netlogon]
path = /var/lib/samba/netlogon
writeable = no
locking = no
root preexec = /usr/local/sbin/ntlogon.py --user=%u --group=%g --os=%m
root postexec = rm /var/lib/samba/netlogon/%u.bat
[Profiles]
path = /usr/share/samba/profiles
read only = no
create mask = 0600
directory mask = 0700
browseable = Yes
guest ok = Yes
profile acls = yes
csc policy = disable
# next line is a great way to secure the profiles
force user = %U
# next line allows administrator to access all profiles
valid users = %U @"Domain Admins"
[printers]
comment = All printers
printer admin = @"Print Operators"
path = /var/tmp
printable = yes
create mask = 0600
browsable = no
guest ok = no
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
valid users = @"Print Operators"
write list = @"Print Operators"
force group = ntadmin
directory mask = 0775
browsable = yes
guest ok = no
printable = no
More information about the samba
mailing list