[Samba] Winbind : change users password delegation

Prunk Dump prunkdump at gmail.com
Thu Sep 25 11:06:36 MDT 2014 

2014-09-25 9:02 GMT+02:00 Ashish Yadav <gwalashish at gmail.com>:
> Hi,
>
> On Thu, Sep 25, 2014 at 12:03 PM, Prunk Dump <prunkdump at gmail.com> wrote:
>>
>> Hello,
>>
>> I'am the network administrator of a French high-school where Samba4 is
>> used as PDC for Debian Wheezy hosts.
>>
>> Winbind works very well when users and groups have their POSIX AD
>> parameters sets.
>>
>> All the users can change their own password through winbind with the
>> "passwd" command.
>>
>> I would like to delegate the possibility to certain users to change
>> some other user passwords with a command like "teacheruser# passwd
>> studentuser".
>>
>> Is this implemented through winbind ?
>>
>> Ideally, I have a group named "Teachers" and a group named "Student",
>> I would like that all the members of the "Teachers" group can change
>> the password of the users in the "Students" group.
>>
>> Is this possible ?
>
>
> This can achieved in my opinion. For that you have to follow this method.
>
> 1. You have install sudo packages on every client side.
> 2. After that allow "Teachers" group to access "/usr/bin/passwd" command
> without password or with password in /etc/sudoers file. You can play with
> this to modify as per as your need. It is very flexible.
> 3.  After that all members of "Teachers" group will be able to changes
> password of any "Students" group.
>
> I have given a simple solution which should solve your problem. If you find
> any another solution then share it.
>
>>
>>
>> Thanks !
>>
>> Baptiste.
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>
>
>
>
> --
> Regards
> Ashishkumar S. Yadav

Thank you ! But I have made a mistake.

For the "passwd" command the user need to now the old password !

I want that the users in the "teachers" group can reset the password
of the users in the "students" group without knowing the old password.

I can't find how to do this with the "net" command .... even with the
administrator account !

Does anyone know how manage remotely the samba user's password ?

Thank you very much !

Baptiste.

More information about the samba mailing list