-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > Message: 22 > Date: Sun, 5 Jan 2003 08:21:49 -0800 > From: "Bob" <[EMAIL PROTECTED]> > Reply-To: <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Subject: [Samba] mksmbpasswd.sh and passwd sync problems... > > Hello Everyone! > > I've spent quite a bit trying to get these shares to work just right. > I'll past the output of my smb.conf at the end of this message. If > anyone has any advice on this, that would be great. >
> My first problem is that I'm trying to sync up my /etc/passwd with the > /etc/samba/smbpasswd file. (I'm using Mandrake 9.0 and Samba > 2.2.6-1.0.pre2.2.mdk. There have been security updates to 2.2.7, but you may want to wait a bit for 2.2.7a ... > Mandrake puts the smbpasswd file in the > /etc/samba directory. When I do this command > > cat /etc/passwd | mksmbpasswd.sh > /etc/samba/smbpasswd > > It does create a smbpasswd file. However, then None of the users can > log in to the shares. I can log into the win98 client, and then see > the user's home directory, the care directory, and the public > directory but can't log in to them. This command only makes an empty smbpassd file, which really serves no purpose, you may as well just do: # smbpasswd -a <user> for each user Why? The linux and windows password hashes are incompatible, the only way to derive one from the other is to brute-force them. This is the whole reason for the smbpasswd file. > > I've also tried to create the smbpasswd file with webmin, but that > doesn't seem to work either, it gives me three options: > For newly created users, set the password to 1. no password, 2. > account locked, 3. use this password > > What if I want the same password as the linux password? argh! You could use something like pam_smbpass so that if the linux password is changed, that the samba password is also changed. Or, set it to a known value and let the users change the samba password from windows. Or authenticate all other linux services via pam_smb or pam_winbind .... > > The only way I can log into the shares is to actually create an > individual password using smbpasswd -a username. > > What am I missing? I know I have successfully done this in the past? You might want to tell us how ... unless it was using clear-text passwords and hacking the registry on all the clients, and not being able to do domain logons at all. > > > When I do create the password with smbpasswd, I can log in Log in how. Please be clear. Was this into windows? Which version? , see the > shares, and actually log in Again, log in where? >, but Ihave to enter in the password again > to access the shares. Should I have to log in twice? No, you shouldn't be prompted for a password on connecting to a samba server using encrypted passwords if the username and password on the client (what the user logged into windows with) match that of the server > > Sorry for the double questions, Any advice would be very much appreciated. > > Thanks, > > Bob > > # Global parameters > [global] > workgroup = PARADISE > netbios name = SERVER > server string = Linux Server %v > interfaces = 127.0.0.1, 192.168.0.254 > hosts allow = 192.168.0. > security = SHARE ^^^^^^^^^^^^^^^^ You really should use 'security=user' here IMHO. > encrypt passwords = Yes > passwd program = /usr/bin/passwd %u > passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n > unix password sync = Yes > log file = /var/log/samba/log.%m > max log size = 50 > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 > printcap name = lpstat > dns proxy = No > printing = cups > wins support = yes > os level = 65 > local master = yes > domain master = yes > preferred master = yes > > [homes] > comment = Home Directory > read only = No > browseable = No > > [printers] > comment = All Printers > path = /var/spool/samba > create mask = 0700 > guest ok = Yes > printable = Yes > print command = lpr-cups -P %p %s > # using cups own drivers (use generic PostScript on clients). > lpq command = lpstat -o %p > lprm command = cancel %p-%j > browseable = No > > [public] > comment = Public Directory > path = /home/samba/public > write list = @staff > guest ok = No > read only = No > > [care] > comment = Careware Data > path = /home/samba/careware > valid users = sara, jim, bob > read only = No > browseable = Yes - -- |--------------Another happy Mandrake Club member--------------| Buchan Milne Mechanical Engineer, Network Manager Cellphone * Work +27 82 472 2231 * +27 21 8828820x121 Stellenbosch Automotive Engineering http://www.cae.co.za GPG Key http://ranger.dnsalias.com/bgmilne.asc 1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE+GaEhrJK6UGDSBKcRAunTAJ9TvTfe9961Sl/qERIZnZ8hGw+NWACgv6SQ LexfbQUKJ+89Bcc2ibZm9bc= =J3gY -----END PGP SIGNATURE----- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba