[Samba] Passwords in 3.0.1rc3 and 3.0.4

Örn Hansen orn.hansen at swipnet.se
Mon Jul 26 22:01:07 GMT 2004


lördag 24 juli 2004 12:20 skrev Andrew Bartlett:
>
> Are these passwords long, or non-ascii?
>
> Make sure the 'unix charset' is correctly set, and try Samba 3.0 SVN.
>
> Andrew Bartlett

Here is a copy of my smb.conf file ... I tried a few variants of the 'unix 
charset' and ended up using the default (which I believe is UTF8 which I want 
anyway).  There are no non-ascii characters in the passwords, and the 
passwords I've tried are 8 characters long. (policy is 6+).

[global]
        log level = 3
#       unix charset = UTF-8
        dos charset = CP850
        workgroup = <group>
        realm = <domain>
        server string = Linux SAMBA
        interfaces = 127.0.0.1 <x.x.x.x>
        bind interfaces only = true
        printing = cups
        printcap name = cups
        load printers = yes
        passdb backend = ldapsam
        domain logons = yes
        domain master = yes
        local master = yes
        os level = 65
        logon path = \\<domain>\profiles\%u
        passwd chat = *New*password* %n\n *Retype*new*password* %n\n *changed*
        passwd program = /usr/local/sbin/smbldap-passwd %u
        add user script = /usr/local/sbin/smbldap-useradd -m "%u"
        add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
        add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
        add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" 
"%g"
        delete user from group script = /usr/local/sbin/smbldap-groupmod -x 
"%u"
 "%g"
        set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" 
"%u"
        #delete user script = /usr/local/sbin/smbldap-userdel "%u"
        #delete group script = /usr/local/sbin/smbldap-groupdel "%g"
        ldap passwd sync = yes
        ldap suffix = ou=userbase,dc=<domain>,dc=<domain2>
        ldap machine suffix = ou=Computers
        ldap user suffix = ou=People
        ldap group suffix = ou=Group
        ldap idmap suffix = ou=Idmap
        ldap admin dn = cn=Manager,dc=<domain>,dc=<domain2>
        ldap filter = (cn=%u)
        ldap ssl = start_tls
        admin users = @"Domain Admins"
        printer admin = @"Print Operators"
        dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd
        show add printer wizard = yes
        preserve case = yes
        short preserve case = yes
        case sensitive = no

[homes]
        comment = Home directories
        read only = no
        browseable = no
        create mask = 0640
        directory mask = 0750

[Netlogon]
        path = /var/lib/samba/netlogon
        writeable = no
        locking = no
        root preexec = /usr/local/sbin/ntlogon.py --user=%u --group=%g --os=%m
        root postexec = rm /var/lib/samba/netlogon/%u.bat

[Profiles]
        path = /usr/share/samba/profiles
        read only = no
        create mask = 0600
        directory mask = 0700
        browseable = Yes
        guest ok = Yes
        profile acls = yes
        csc policy = disable
        # next line is a great way to secure the profiles
        force user = %U
        # next line allows administrator to access all profiles
        valid users = %U @"Domain Admins"

[printers]
        comment = All printers
        printer admin = @"Print Operators"
        path = /var/tmp
        printable = yes
        create mask = 0600
        browsable = no
        guest ok = no

[print$]
        comment = Printer Drivers
        path = /var/lib/samba/drivers
        valid users = @"Print Operators"
        write list = @"Print Operators"
        force group = ntadmin
        directory mask = 0775
        browsable = yes
        guest ok = no
        printable = no


More information about the samba mailing list