[Samba] Samba4 creating users
Rowland Penny
rpenny at samba.org
Tue Sep 4 17:55:45 UTC 2018
On Tue, 4 Sep 2018 12:31:57 -0400
David Mehler <dave.mehler at gmail.com> wrote:
> Hello,
>
> Thanks for your reply. I've included my smb.conf file below. I put a
> few in-laid questions in it with # signs they are not on the server
> just this file. If the file is missing anything let me know.
>
I have reworked your smb.conf by removing the comments and default
settings:
[global]
workgroup = example
wins support = yes
dns proxy = no
interfaces = 127.0.0.0/8 br0
bind interfaces only = yes
log file = /var/log/samba/log.%m
max log size = 1000
server role = standalone server
obey pam restrictions = yes
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
security = user
# Does enabling obey pam restrictions invalidate unix password sync,
passwd program, and passwd chat?
No, but then again it doesn't actually do anything, because there is the
default setting 'encrypt passwords = yes' If you read 'man smb.conf'
under 'obey pam restrictions' you will find this:
Note that Samba always ignores PAM for authentication in the case of
encrypt passwords = yes. The reason is that PAM modules cannot support the
challenge/response authentication mechanism needed in the presence
of SMB password encryption.
So, there isn't much point in setting it ;-)
I think your problem may be NTLMv1, this was turned of at 4.5.0, but
your other machines may be trying to use it, there is an easy check for
this, add 'ntlm auth = yes' to your smb.conf and restart samba, if this
fixes your problem then you need to stop your other machines using
NTLMv1
If it doesn't then it could be the use of the bridge ?
Rowland
More information about the samba
mailing list