Dont know if this can solve you problem the description i have found was for
NT4 maybee
it is the same problem with Windows 2000. I hope this could solve your
problem
Greetings Rafael
Support knowledgebase (samba_crypt)
Symptom:
>From version NT4.0 NT works with encrypted passwords. While NT4.0 still
works with plaintext passwords (as fallback) NT4.0 incl. servicepack refuses
to work (you may recognize this behaviour by repeating entering the login
and the password a couple of times. Then you will be able to mount a share).
(more on this topic in /usr/doc/packages/samba/ ENCRYPTION.txt).
Solution:
Well, either you may convince NT via its Windows registry to use plaintext
passwords
There is a script in the samba source package called mksmbpasswd.sh. This is
for creating a "special" password file out of the existing one.
mksmbpasswd.sh:
#!/bin/sh
awk 'BEGIN {FS=":"
printf("#\n# SMB password file.\n#\n")
}
{ printf(
"%s:%s:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:%s:
%s:%s\n", $1, $3, $5, $6, $7) }
'
Example:
cat /etc/passwd | mksmbpasswd.sh > /etc/smbpasswd, or
ypcat passwd | mksmbpasswd.sh > /etc/smbpasswd on a NIS server, or client,
respectively.
Thereafter you have to set the permissions of this file: chmod 600
/etc/smbpasswd.
Furthermore be aware that /etc/smbpasswd has been set by default by S.u.S.E.
Well, after a /etc/smbpasswd has been generated a password a user has to be
created. This is done by smbpasswd. If any user may do this the SETUID bit
has to be set (chmod u+s /usr/bin/smbpasswd). Otherwise only root will be
able to change passwords.
Now you have to extend /etc/smb.conf (in global section):
encrypt passwords = yes
If there is more than one samba machine attached it is not necessary to do
so on every machine. Samba is able to get the passwords from another machine
be it an NT server or some other host. To activate this switch you will have
to enter the following lines in the global section:
security = server
password server = YOURSERVER
Make sure that 'YOURSERVER' is the NetBIOS name of the server (NetBIOS and
DNS may differ). NetBIOS names are restricted to a maximum of 15 letters. Of
course you may not enter the options given above on the server itself. This
would create an endless loop.
Important:
Please use an actual samba version (at least ersion 1.9.18p2)!
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
