As already said, the man page are very clear. The password program is
the program used to change UNIX passwords. And UNIX passwords are not,
lets say, "samba passwords".
Samba maintains its hashes by its own (that only it uses), but the UNIX
part is configurable.
These options are used if you enable back the unix password sync. Theres
some other options used with LDAP too.
What you will notice if you not sync the UNIX part, is that these
accounts would not be able to be used with the same password by other
services (that don't use the samba NT and LM hashes to authenticate),
you will not be able to log in a shell, for example.
The password chat is the configuration used to know when to feed or to
consider the output a response to the password program, as password
programs doesn't accept passwords in their command line for security
reasons. It works like a program called expect that is used for the same
purpose in automated configurations.
Use these options together if you plan to sync the UNIX part of the set
of passwords with the samba part and you are not using LDAP.
Regards.
Edmundo Valle Neto
Thanks
Andrea
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
