[Samba] passdb requires /etc/passwd entry?
Craig White
craigwhite at azapple.com
Wed Jul 28 00:03:48 GMT 2004
On Tue, 2004-07-27 at 15:21, Cal Heldenbrand wrote:
> Greetings everyone,
>
> I have a question about the smbpasswd encrypted
> database and /etc/passwd -- why does the passdb
> backend require an entry in /etc/passwd? Is it
> possible to create samba encrypted users without a
> /etc/passwd entry?
---
winbind can handle this chore for you...but normallly, if you are using
security = user, no
---
>
> I have a samba PDC setup that is mainly just a login
> server, then a separate server for $HOME's. I have
> all of my PAM configs setup to remotely authenticate
> to another server with 8000+ users, then pam_smbpass
> migrates passwords to the PDC. The HOME server
> automatically creates $HOME directories, and uses
> winbind for UID mappings against my PDC.
>
> The problem is the password migration in smbpass won't
> work without an /etc/passwd entry, and I don't want to
> potentially have to add 8000 users from a constantly
> changing database.
>
> Is there any workaround for this?
---
try googling pam_mkhomedir - it can create the home directory on the
fly.
---
>
> I've noticed in the source that the check for this is
> done in passdb/passdb.c approx line 947
>
> if (!NT_STATUS_IS_OK(pdb_init_sam_new(&sam_pass,
> user_name, 0)))
>
> But this is in the function local_password_change() --
> If this is modifying the smbpasswd database, why would
> it need to check /etc/passwd? Is this just a sanity
> check, or do I have my samba configs incorrect?
>
> Call me naive, but could I just comment out this
> section of code and see what happens?
---
I can't comment on the intentions of the samba authors as to the reasons
that they have required the samba user to be a local unix user. I would
venture to guess that a search of the samba archives would give you a
lot of history on that.
Craig
More information about the samba
mailing list