samba - May 2003 - Users capable of changing SAMBA passwords?

Hello:

I am an intern-system administrator for a company, and I am
test-installing SAMBA on a development server for later proposal to the
company management for full roll-out of SAMBA across our file sharing
systems.

I searched the archives of the samba@lists.samba.org mailman list, and did
not see any questions of this nature for the last two months. 
Additionally, I exhausted my search on google for the answers to this
question.  I apologize in advance if I did not search hard enough. 
(trying to avert flames, if possible!)

Is there a way that a user can change his/her own SMBPASSWORD and/or UNIX
(Linux) password without having to grant SSH access to the Samba server
box?

I thought I saw mention of a utility but it appeared to be deprecated.	

Any assistance with this matter would be greatly appreciated!

TIA,
Gregg Sperling
gs-list@glsrms.com

I have finally gotten this to work so I guess I'll try and answer 
this.  Searching for the right answer for your installation in the mailing 
list archives can be time consuming.

Yes.  Depending on your installation, getting the passwords to sync and be 
the same, may be a little bit of a chore.  For example, I setup Kerberos w/ 
Ldap for my UNIX authentication.  Using PAM, I was able to get all of the 
services I need to authenticate through kerberos.  The samba 2.2 domain 
setup was easy.  Allowing the users to be able to change their domain 
password (samba) and sync it with the UNIX password took a little bit of 
time.  Mainly, it was getting the finding the way for root to be able to 
change a user's password WITHOUT asking for the current (old) 
password.  After finally reading the man pages carefully (RTFM), I read 
that in order for the old password to be used, the passwd program must read 
the old password in plain text.  With encrypted passwords turned on, there 
wasn't a way to do this.  (Not that I found anyway)  Trying to search for 
that info in the archives came up with a few hundred results but none of 
them (at least what I had the patience to read) said this. So, I plugged 
away at this for a few hours until finally finding it.

Some people use Web cgi programs to sync both passwords, which works and is 
usually very simple to setup.  Being that I didn't want the users to 
noticed a difference in the change over from an NT server to samba, I went 
with the route of getting the Windows password change command to work.  The 
web cgi programs are nice because it can let the user change just one of 
their passwords. (Why they would change just one and not have them both be 
the same, is beyond me but there is always someone who needs this 
functionality somewhere for some reason.)

Hope some of this helps.

Doug

At 05:34 PM 5/12/2003 -0500, Gregg Sperling wrote:
>Hello:
>
>I am an intern-system administrator for a company, and I am
>test-installing SAMBA on a development server for later proposal to the
>company management for full roll-out of SAMBA across our file sharing
>systems.
>
>I searched the archives of the samba@lists.samba.org mailman list, and did
>not see any questions of this nature for the last two months.
>Additionally, I exhausted my search on google for the answers to this
>question.  I apologize in advance if I did not search hard enough.
>(trying to avert flames, if possible!)
>
>Is there a way that a user can change his/her own SMBPASSWORD and/or UNIX
>(Linux) password without having to grant SSH access to the Samba server
>box?
>
>I thought I saw mention of a utility but it appeared to be deprecated.
>
>Any assistance with this matter would be greatly appreciated!
>
>TIA,
>Gregg Sperling
>gs-list@glsrms.com
>
>
>--
>To unsubscribe from this list go to the following URL and read the
>instructions:  http://lists.samba.org/mailman/listinfo/samba