[Samba] changing passwords from Windows XP Pro workstations
rdpitti at globaltecsa.com
Thu Mar 30 17:44:07 GMT 2006
Gary Dale wrote:
> Craig White wrote:
>> I'm keeping this on list.
>> On Thu, 2006-03-30 at 08:52 -0500, Gary Dale wrote:
>>> Craig White wrote:
>>>> if I was going to guess...I think your problems are...
>>>> see items #3 through #7
>>>> you don't have a passwd chat script as I recall. That's probably
>>>> your setup should track this setup as I see it.
>>>> since you have no interest in advancing your skills, count me out next
>>>> time unless you learn to ask simple questions. The simple truth is, if
>>>> you want know little, point and click Windows network administration,
>>>> you are probably better off using a Microsoft Windows server.
>>>> My interest is in helping people that actually are interested in
>>>> learning something, yes gasp, those that actually do want to become
>>>> expert. Lastly, I would heavily suggest you forget about LDAP until
>>>> attitude changes because it is hostile to administrators that don't
>>>> to become knowledgdable.
>>> Thanks Craig. I think you'll see a problem here. You suggest that
>>> the issue may be a lack of a passwd chat script, while two others
>>> suggest I remove the passwd chat script - which is almost identical
>>> to the one in the second URL you just gave.
>>> The issue isn't about whether people want to learn. It's about how
>>> much they have to learn to get things to work. If something takes
>>> too much effort, in the real world it doesn't get done. There is
>>> nothing inherently complicated about managing a directory service.
>>> Look at the simple Linux tools for user or printer administration
>>> for proof. I see no virtue in making Samba-LDAP configuration a
>>> black art. A basic setup should be easy to achieve. In fact, from
>>> what I have been reading, LDAP should be the standard Samba backend.
>>> That won't happen if people have to spend a week or more learning
>>> how to use it.
>> You completely do not get it.
>> Samba is infinitely configurable.
>> Windows - at the moment of setup you have to choose the role for a
>> server, whether a domain controller or a member server. The workstation
>> is sold separately.
>> Samba provides all of those roles including a Windows 95/98 server too.
>> There is no way that anyone can solve your problem with any certainty
>> without suitable logs, an inspection of your tdbsam and your /etc/passwd
>> files AND the smb.conf, the whole of which you dumped on us last night
>> and undoubtedly have changed many times since. Proper mail list
>> etiquette and a commitment to demonstrating that you are actually
>> focused on the problem would dictate that you limit those items to only
>> the minimum necessary logs, smb.conf, etc.
>> Your information is incomplete and as I stated last night, I am not
>> going to speculate any further on your problems. In fact, your reply has
>> made me sorry that I even speculated on the solution to your problem.
>> As for my 'seeing' the problem - that being in your mind - different
>> suggestions to solve your problem - that is absolutely absurd.
>> ***The problem*** is you don't know how to provide the information with
>> which someone can tell you what the definitive solution would be.
>> As for your suggestion that Samba-LDAP a black art...Samba is Samba and
>> LDAP is LDAP - you understand neither package so expecting them to work
>> for you is a rather pointless endeavor. Knowledge is power and you
>> appear to be lacking both. Yet you expect them to work for you even
>> though you don't understand them nor wish to understand them - I wish
>> you luck.
>> Let me be blunt - you are a help vampire. Please don't email me any more
>> until you change your ways.
> Under your rules, it is up to the patient to figure out what tests
> need to be performed before visiting the doctor. :)
> I have always regarded the help process as a dialogue - maybe that
> comes from my having worked in systems support at one time, or maybe
> it comes from my being a systems consultant (both inhouse and contract
> at various times) - but I have never expected the customer to tell me
> what is wrong in a manner that I can immediately say "here's what you
> have to do".
> In my experience, the customer/patient comes to the experts with a
> problem. The experts dig around to determine what the issue really is,
> including asking for specific tests or more information. Then they
> make a diagnosis and prescribe a treatment/solution.
> Insulting the patient/customer is usually not a good way to go about
> things. I've been working with PCs since 1978 and with Linux since
> 1998. I put a lot of effort into learning about making things work.
> And according the the Mensa test, I'm not stupid. :) But I'm also not
> someone who has a narrowly defined role. My customers expect me to be
> broadly knowledgeable on just about every topic associated with
> computers. Even if I became an LDAP guru, I'd be unlikely to maintain
> that level of expertice for long. That is a fact of life in the real
> Responding to your particular criticism about what I did post: You
> have demonstrated on several occaisions that you haven't read or
> understood my posts. You have said that you weren't sure what setup I
> was using LDAP or tdbsam) when my post stated I was using tdbsam. You
> said I didn't have a passwd change dialogue, when the smb.conf I
> posted did. And you said that I posted the entire smb.conf when I
> clearly indicated that I had trimmed unnecessary parts from it.
> I note however that this exchange has generated some helpful tips on
> resolving the problem. This is in sharp contrast to my earlier posts
> on the topic last September, and my recent posts on problems with
> LDAP, both of which were largely ignored (except for an exchange with
> Jeremy Allison which didn't resolve the problem). My "style" of
> posting this time seems to have achieved results, so if you object to
> it, perhaps you should look at your "style" of figuring out who to
> respond to. :) If I'd had this level of response last year, or even in
> my LDAP posts, things would have been a lot simpler for me.
> BTW: Windows, the last time I looked (which was W2K), allows you to
> change server roles. You can add or remove domain control
> functionality easily. And I recall using a third-party tool to promote
> and demote NT domain controllers before W2K (actually, it was helpful
> in moving the organization from NT to W2K and in restructuring the
> domain setup).
> I'm not going to defend Windows, but I'm also not going to resort to
> hyperbole about Linux being "infinitely configurable". There are only
> a small number of reasonable backends for Samba. They are tdbsam, LDAP
> and MySQL. Clear, straightforward configuration of each is not
> unachievable. It's only one more backend than Windows domains have (NT
> and ADS).
> Anyway Craig, thanks for your input. You've been quite helpful.
Raúl D. Pittí Palma
Global Engineering and Technologies
Republic of Panama
More information about the samba