[Samba] samba PDC/NIS client

Gaiseric Vandal gaiseric.vandal at gmail.com
Mon Mar 12 12:08:43 MDT 2012 

If your NIS passwd file did NOT have a valid password, maybe samba or 
unix was rejecting logins as a security measure.



On 03/12/12 13:33, Simon Matthews wrote:
> On Sun, Mar 11, 2012 at 4:09 AM, Tony Molloy<tony.molloy at ul.ie>  wrote:
>
>> On Sunday 11 March 2012 05:31:35 Simon Matthews wrote:
>>> On Sat, Mar 10, 2012 at 4:24 PM, Gaiseric Vandal
>>>
>>> <gaiseric.vandal at gmail.com>wrote:
>>>> Do you have password sync enabled?    If password sync is
>>>> enabled, samba will try to use the passwd command to set the
>>>> unix password.  But with nis, you probably might need something
>>>> nis specific. On solaris it was “passwd –r nis” -  not sure
>>>> about linux.    Probably better to just disable password sync.
>> I've got a very similar setup to you. Except I use a smbpasswd file.
>>
>>> No, I don't have this option enabled. I am not sure how it is
>>> relevant. Problem summary:
>>> The samba PDC is an NIS client
>>> "getent passwd" retruns the passwd data.
>>> The user's SAMBA password was set  using smbpasswd
>>> The user's NIS passwd was set using yppasswd
>> So far all the same.
>>
>>> ALL I had to do to allow domain logins was:
>>> ypcat passwd | grep<username>  >>  /etc/passwd
>> Why duplicate the password entries. I just have them in NIS and
>> /etc/passwd just has the system passwords.
>>
>>> Note that after copying the user details to /etc/passwd, the
>>> password that was set with "smbpasswd" was the password that was
>>> used with the successful domain login.
>> Don't really uinderstand what you mean by "domain logins"
>>
>> 1.  Create the user under linux first
>> 2.  Use smbpasswd to add the user to samba
>>
>> You now have a user in both linux and samba but remember the passwords
>> are stored separately, changing one does not change the other.
>>
>> 3.   Edit /etc/nsswitch.conf. Set
>>
>> passwd:    files nis
>> shdow:      files
>>
>
> Removing the "nis" entry from "shadow:" in /etc/nsswitch.conf solved the
> issue. I don't understand why, but it did .
>
> Simon
>
>> That works for me. YMMV
>>
>> Tony
>>
>>> Simon
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>>

More information about the samba mailing list