Passwords, Shadow Password and Samba Passwords

[Paul Clark]

I am trying to set up Samba to share a printer on my network. I am using Potato 
2.2r2. 

I can see the Linux computer from Win98 but cannot enter the required password. 
I notice from /var/log/samba that there is a problem with no 
/etc/samba/smbpasswd entry for user 'default'. There is no /etc/samba/smbpasswd 
and this was an option from sambaconfig.

I have read that the problem may be that Samba is not complied for shadow 
passwords? I believe I chose these when originally installing potato. I do not 
know how to create /etc/samba/smbpasswd. The command smbpasswd reports an error 
on any password for any user. Even the user 'default' that I created. It does 
create an /etc/samba/smbpasswd but with just a header comment that does not 
show the requuired format.

Any clues to where I am going wrong?

Paul Clark

Re: Passwords, Shadow Password and Samba Passwords

[Josep Llauradó Selvas]

A few month ago I had the same problem, and a lot of people here solved
all my doubts... there are the abstract of the 'Samba Passwords Amazing
History':

Situation:

1. Samba allows the use of PAM (aka shadow passwords if you
  configure it) and authentification through smbpasswd.
2. Win98 by default, only allows encripted authentification
3. Encripted authentification only can be done under samba using
  smbpasswd, 'cos the encription mechanism is diferent between
  Windows and Un*xes, and samba uses the same mechanism as Windows 
  in his smbpasswd file.

Solution:

1. You can add users using the command smbpasswd, that creates the
  smbpasswd file, and then use the option 'encrypt passwords = yes' 
  into the smb.conf file.

2. You can disable the encripted authentification from Win98
  updating a parameter into Windows Registry (into Samba.org's ftp
  you can found a Win98_PlainPassword.reg file that does it), and
  then selecting the 'encrypt passwords = no' option. Before it
  the samba daemon will use the PAM system to authentificate
  users, as any other service. This option sends the passwords in
  plain text, but the mechanism from Windows isn't secure, 'cos
  you send a hashed password that is the same every time...

Well, If you have any problem I can send you more detailed instructions
off-the-list, and I can send you the registry file.

Bye, and Good Luck!

On Mon, 5 Feb 2001, Paul Clark wrote:

 I am trying to set up Samba to share a printer on my network. I am using 
Potato 2.2r2. 
 
 I can see the Linux computer from Win98 but cannot enter the required 
password. I notice from /var/log/samba that there is a problem with no 
/etc/samba/smbpasswd entry for user 'default'. There is no /etc/samba/smbpasswd 
and this was an option from sambaconfig.
 
 I have read that the problem may be that Samba is not complied for shadow 
passwords? I believe I chose these when originally installing potato. I do not 
know how to create /etc/samba/smbpasswd. The command smbpasswd reports an error 
on any password for any user. Even the user 'default' that I created. It does 
create an /etc/samba/smbpasswd but with just a header comment that does not 
show the requuired format.
 
 Any clues to where I am going wrong?
 
 Paul Clark
 
 
 -- 
 To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
 with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
 

_
Josep Llauradó Selvas   [EMAIL PROTECTED]
  Linux Registered User #153481
KeyFP: D82F 525C DD22 02C9 6909  20D6 F622 F3E8 18CD C548
The only intuitive interface is the nipple.
After that, it's all learned.
(in comp.os.linux.misc, on X interfaces.)
_

RE: samba Passwords

[CHEONG, Shu Yang \(Patrick\)]

I have always found SWAT (Samba Web Administration Tool) to be very
handy when it comes to managing your smb.conf and smbpasswd. Give it a
try


Cheers.

Patrick

My apologies to the person who coined this but I LIKE IT...

Where do you want to go today?
Far, far away from Redmond.
Dead fish go with the flow of the river.

 -Original Message-
 From: Jay Kelly [SMTP:[EMAIL PROTECTED]
 Sent: Saturday, July 08, 2000 7:39 AM
 To:   debian-user@lists.debian.org
 Subject:  samba Passwords
 
 Hello Group,
 Well thanks to the list I got Samba working for the most part.
 It seems I didnt have the smb.conf configured right. I have a shared 
 directory that I can access fine but when I try to access the
 /home/user directory I am promt for a password. I then enter
 the password but it fails. I looked in the smbpasswd file but its
 empty. So I tried smbpasswd neutec but after entering the pass I
 receive an error that it failed to add it. So my first question is
 how to add new users to Samba ? And I read somewhere that if I want to
 share a CD-Rom I will need to add something to the fstab file. What
 do I need to add there ? I cant find the man page on this. And for
 my last question, Does anyone know where I can get some info on
 setting up Samba as a Domain Controller?
 Thanks again guys for all your help.
 Its been great
 Jay
 -- 
 
 It feels so good, It's a marginal risk, when I clear off windows with
 fdisk  
 
 Powered by Debian GNU/Linux. 
 http://www.debian.org
  
 
 
 -- 
 Unsubscribe?  mail -s unsubscribe [EMAIL PROTECTED] 
 /dev/null

samba Passwords

[Jay Kelly]

Hello Group,
Well thanks to the list I got Samba working for the most part.
It seems I didnt have the smb.conf configured right. I have a shared 
directory that I can access fine but when I try to access the
/home/user directory I am promt for a password. I then enter
the password but it fails. I looked in the smbpasswd file but its
empty. So I tried smbpasswd neutec but after entering the pass I
receive an error that it failed to add it. So my first question is
how to add new users to Samba ? And I read somewhere that if I want to
share a CD-Rom I will need to add something to the fstab file. What
do I need to add there ? I cant find the man page on this. And for
my last question, Does anyone know where I can get some info on
setting up Samba as a Domain Controller?
Thanks again guys for all your help.
Its been great
Jay
-- 

It feels so good, It's a marginal risk, when I clear off windows with fdisk 
 

Powered by Debian GNU/Linux. 
http://www.debian.org
 

Re: samba Passwords

[C. Falconer]

1) As root, runsmbpasswd -a newusername
That will add newusername to the smbpasswd file and set the password for you.

2) CDROMs
Make sure your /etc/fstab contains a line like this
/dev/hdd  /cdrom  iso9660 defaults,ro,user,noauto 0   0

then make sure theres a section like this in /etc/samba/smb.conf

; A sample share for sharing your CD-ROM with others.
[cdrom]
   comment = Samba server's CD-ROM
   writable = no
   locking = no
   path = /cdrom
   public = yes
; The next two parameters show how to auto-mount a CD-ROM when the
;   cdrom share is accesed. For this to work /etc/fstab must contain
;   an entry like this:
;   /dev/scd0   /cdrom  iso9660 defaults,noauto,ro,user   0 0
;   /dev/hdd/cdrom  iso9660 defaults,noauto,ro,user   0 0
; The CD-ROM gets unmounted automatically after the connection to the
; If you don't want to use auto-mounting/unmounting make sure the CD
;   is mounted on /cdrom
   preexec = /bin/mount /cdrom
   postexec = /bin/umount /cdrom

That will automatically mount the cd if a client machine requests it.

3) Samba as a domain controller.

Firstly samba CANNOT act as a PDC for a NT network, neither can it partake 
in elections as a BDC to an existing NT server.


What samba can do is use an existing NT server to authenticate usernames 
and passwords from, or it can act as a domain controller for win9x clients 
(that means not NT or 2000 (not sure about ME))


My suggestion is to look at either buying Using Samba by O'Reilly or look 
at the samba website www.samba.org



At 04:39 PM 7/7/00 -0700, you wrote:
...I have a shared directory that I can access fine but when I try to 
access the

/home/user directory I am promted for a password. I then enter
the password but it fails. I looked in the smbpasswd file but its
empty. So I tried smbpasswd neutec but after entering the pass I
receive an error that it failed to add it. So my first question is
how to add new users to Samba ? And I read somewhere that if I want to
share a CD-Rom I will need to add something to the fstab file. What
do I need to add there ? I cant find the man page on this. And for
my last question, Does anyone know where I can get some info on
setting up Samba as a Domain Controller?


--
Criggie

Samba passwords

[David Wright]

Quoting Lindsay Allen ([EMAIL PROTECTED]):
 
 I can't help with unloads because I can't get them loaded in the first
 place.

New thread please.

 clientserver  result
 
 w98   samba   ok
 w98   nt4 ok
 smbmount  w98 ok
 smbmount  samba   ok
 smbmount  nt4 fail
 
 In other words, I can smbmount everything except an nt4 share.  If I can
 do it from w98 it cannot be a password or encryption problem, can it?  Any
 ideas please?  
 
 This is vital as we plan on using Debian workstations in the classroom and
 users must be able to mount their home directories.

Could it be FAQ 3.8?

  3.8.  I've applied NT 4.0 SP3, and now I can't access Samba shares,
  Why?

  As of SP3, Microsoft has decided that they will no longer default to
  passing clear text passwords over the network.  To enable access to
  Samba shares from NT 4.0 SP3, you must do ONE of two things:

  1. Set the Samba configuration option 'security = user' and implement
 all of the stuff detailed in ENCRYPTION.txt
 ftp://samba.anu.edu.au/pub/samba/docs/ENCRYPTION.txt.

  2. Follow Microsoft's directions for setting your NT box to allow
 plain text passwords. see Knowledge Base Article Q166730
 http://www.microsoft.com/kb/articles/q166/7/30.htm

Cheers,

-- 
Email:  [EMAIL PROTECTED]   Tel: +44 1908 653 739  Fax: +44 1908 655 151
Snail:  David Wright, Earth Science Dept., Milton Keynes, England, MK7 6AA
Disclaimer:   These addresses are only for reaching me, and do not signify
official stationery. Views expressed here are either my own or plagiarised.

samba passwords

[Andrew McRobert]

hi

I've had this problem for a while, hoping someone knows what is causing it.
Users are unable to change their passwords for samba either through the SWAT
interface or through smbpasswd at the command line. THe error is:
-
machine 127.0.0.1 rejected the session setup. Error was : ERRSRV - ERRbadpw
(Bad password - name/password pair in a Tree Connect or Session Setup are
invalid.).
Failed to change password for [user]

however, root can change passwords either through SWAT or the shell. I'm
using:

samba 2.0.7-2
kernel 2.2.14
shadow passwords

thanks!!

Andrew
-
Andrew McRobert LLB B.Sc(Comp. Sci)
IT Officer, School of Law
MURDOCH UNIVERSITY
Ph: 9360 6479
Fax: 9310 6671
e-mail: [EMAIL PROTECTED]
The lottery: a tax on people who are bad at math

Samba passwords - Session setup error

[Andrew McRobert]

hi all

I'm getting the following error when a normal user tries to change their
password through SWAT, or through smbpasswd @ the command line:

machine 127.0.0.1 rejected the session setup. Error was : ERRSRV - ERRbadpw
(Bad password - name/password pair in a Tree Connect or Session Setup are
invalid.).
The passwd for 'mcrobert' has NOT been changed
The only explanation given in FAQs is that the interfaces list must
include 127.0.0.1. However, this doesn't work - I've tried the following
values for this setting (eth0  [server ip]/22 127.0.0.1). The odd thing
is that root can use either SWAT or smbpasswd on command line to change a
user's password. Perhaps the problem has something to do with the fact that
the smbpasswd program can't read the existing user password from
/etc/samba/smbpasswd (as the root user doesn't care about the old password).
Any help would be greatly appreciated.
Andrew


-
Andrew McRobert LLB B.Sc(Comp. Sci)
IT Officer, School of Law
MURDOCH UNIVERSITY
Ph: 9360 6479
Fax: 9310 6671
e-mail: [EMAIL PROTECTED]

Samba: Passwords to print??

[Jay Barbee]

Hello,

Can I let everyone in my office print to a Samba printer share, and not
have them authentic as a user.   I would rather allow every IP in my
Domain/Subnet to print without asking for passwords.  And then I can deny
the rest of the world.  Again, I only want to do this for printers, not all
shares.  Is it possible?

--Jay

Samba passwords

[Brian Morgan]

Does anyone know how to set a Samba user password to NONE, if a password
already exists?  I've tried smbpasswd [user] and hit return twice, only
to find that Samba password not changed.  I've also tried modifying
the /etc/samba/debian_config file to
password set = no, and it still requires my previous password.
Anything else I can do to eliminate the Samba password?

Thanks,

Brian Morgan
--
Brian Morgan[EMAIL PROTECTED]
Computer Service Specialist  [EMAIL PROTECTED]
Greenville College  http://www.gvc.net/~jedi

 
El Nino shot JFK

Re: Samba passwords

[Kyle Amon]

RTFM... /usr/doc/samba/ENCRYPTION.txt.gz

- Kyle

On Wed, 19 Aug 1998, Brian Morgan wrote:

 Does anyone know how to set a Samba user password to NONE, if a password
 already exists?  I've tried smbpasswd [user] and hit return twice, only
 to find that Samba password not changed.  I've also tried modifying
 the /etc/samba/debian_config file to
 password set = no, and it still requires my previous password.
 Anything else I can do to eliminate the Samba password?
 
 Thanks,
 
 Brian Morgan
 --
 Brian Morgan[EMAIL PROTECTED]
 Computer Service Specialist  [EMAIL PROTECTED]
 Greenville College  http://www.gvc.net/~jedi
 
  
 El Nino shot JFK
 
 
 
 --  
 Unsubscribe?  mail -s unsubscribe [EMAIL PROTECTED]  /dev/null
 

Kyle Amon email: [EMAIL PROTECTED]
Unix Systems Administratorphone: (203) 486-3290
Security Specialist   pager: 1-800-759- PIN 1616512
IBM Global Services  or [EMAIL PROTECTED]
  email: [EMAIL PROTECTED]
  url:   http://www.gnutec.com/kyle
KeyID 1024/26DD13D9
Fingerprint = 7D 86 D1 AE 4B E9 91 6A  4B BC B5 B4 12 F0 D3 1A

GNU does not eliminate all the world's problems, only some of them. 

- Richard Stallman
  The GNU Manifesto, 1985

Re: Samba passwords

[peloy]

Hi,

Brian Morgan [EMAIL PROTECTED] wrote:

 Does anyone know how to set a Samba user password to NONE, if a password
 already exists?  I've tried smbpasswd [user] and hit return twice, only
 to find that Samba password not changed. 

Well, firstly, are you using password encryption? If you are, then
passwords are stored in /etc/smbpasswd and you need to fill that file
with valid account names and passwords (hint: use smbpasswd -a
username).

If not, then the security depends on the setting of the security =
parameter in /etc/smb.conf.

Recommended readings are: /usr/doc/samba/{ENCRYPTION.txt,security_level.txt}

Finally, Samba by default does not allow acces to accounts that have
null passwords. To change this add this to the [global] section of
/etc/smb.conf:

null passwords = yes

See man smb.conf for more info.

Regards,

peloy.-

Samba, Passwords PAM -- Help (hamm)

[Bill Leach]

Need help.  I set up Samba to let me network a Windoz 3.11 box (yuck)
with my main debian Linux machine:
Pentium 48MB
Kernel version 2.0.30
smbd Version 1.9.16p11

Passwords do not seem to work.  If I set /etc/samb.conf so that the
various services are 'public' then those services are available and work
from either smbclient or the Windoz box.  Anything set up to require a
password though failes--both ways.  Attempting to use smbclient to login
to the windoz box also fails.

One error message that does baffle me a bit is that I get something
like:  Server gave us a UID of 100. We gave 1000 with the second UID
matching the particular Linux login name.

This is probably just a real good example of 'ignorance at work' but I
also note that adding a -U login name does not alter the UIDs printed
out.  Also, the UID '100' makes no sense to me at all.

The machine has shadow passwords and PAM installed.  PPP seems to work
OK with the PAM as does NFS.

The notes for Samba (in /usr/doc) mention that this particular Samba IS
compiled for PAM support but I can't find anything on how to set it up
(plus I am still suspicious about the UID '100' thing).


-- 
best,
-bill
  [EMAIL PROTECTED]  [EMAIL PROTECTED]
   [EMAIL PROTECTED]  [EMAIL PROTECTED]
from a 1996 Micro$loth ad campaign:
The less you know about computers the more you want Micro$oft!
 See!  They do get some things right!


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]