[Samba] Re: Changing Domain Passwords

jamrock news_jamrock at yahoo.com
Mon Mar 9 10:23:41 GMT 2009

"Nigel Allen" <dna at edrs.com.au> wrote in message
news:49B4665B.9010401 at edrs.com.au...
> Greetings
> Can anyone tell me if this is possible?
> Given a network of Linux based servers with a Linux based PDC (Centos
> 3.9) running samba 3.0.26a and NIS with Windows-XP clients, we want to
> enforce password changing policies for the Windows Domain.
> We want to have users able to change their own passwords at required but
> with some control over minimum complexity, re-use etc. We want them to
> be able to change their passwords from the XP workstations and have that
> change propagated to samba and to NIS without any intervention.
> I have tried to implement this but seem to constantly run into problems
> with PAM. If we switch off pam password change in smb.conf, we can
> change passwords from the workstation but they don't get propagated. The
> only way I have been able to achieve what we want is by getting someome
> with root access to change passwords for the end users (not something we
> want to make a habit of).
> Any input would be /very/ gratefullt accepted.
> Rgds
> Nigel.
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

I find it a lot easier to set up Samba using OpenLDAP for authentication.  I
use the NT 4.0 tool User Manager for Domains to manage users.

Take a look at Samba by Example for detailed information on creating a PDC
with Samba and LDAP.  Chapter 5 "Making Happy Users" has this info. and

It is important to set all of this up in a test environment before making
changes to your production system.

You may also want to use more recent versions of  CentOS and Samba.

More information about the samba mailing list