Jon Theil Nielsen
2008-Feb-11 01:13 UTC
[Samba] FreeBSD: Changing UNIX passwords from Windows
Hello We have a FreeBSD server (7.0 BETA3) running as PDC (Samba 3.0.28) passwords stored in tdbsam. Theres are no problems for users and machines to log on to the network as long as they use the passwords I have made by smbpasswd -a username. But I cannot make a working configuration which allows users to change their own passwords on the server. They are told something like "You do not have permission to change your password". I guess the problem is the communication between Samba and the server, the passwd chat, but I'm not sure. I have the following lines in smb.conf passwd program = /usr/bin/passwd %u unix password sync = Yes passwd chat = *New*password* %n\n *Retype*new*passwordn* %n\n I'm not sure the chat is correct and would like to hear about what migth be more correct for this version of FreeBSD. I have tried to set passwd chat debug = Yes, but that did not provide any useful (to me, at least) information on the nature of the problem. I haven't tried with PAM, since that is not something I like to play with i FreeBSD. I haven't been able to find much information on this issue between FreeBSD and Samba, bur I'm sure there must be a solution. I don't know if the solution is to use another password database (e.g. LDAP), but this seems to be a rather complicated issue too. Regards, Jon Theil Nielsen
On Mon, 11 Feb 2008 02:06:51 +0100 "Jon Theil Nielsen" <jontheil@gmail.com> wrote:> Hello > > We have a FreeBSD server (7.0 BETA3) running as PDC (Samba 3.0.28) passwords > stored in tdbsam. Theres are no problems for users and machines to log on to > the network as long as they use the passwords I have made by smbpasswd -a > username. But I cannot make a working configuration which allows users to > change their own passwords on the server. They are told something like "You > do not have permission to change your password". I guess the problem is the > communication between Samba and the server, the passwd chat, but I'm not > sure. I have the following lines in smb.conf > > passwd program = /usr/bin/passwd %u > unix password sync = Yes > passwd chat = *New*password* %n\n *Retype*new*passwordn* %n\nMight want to try: passwd chat = *Old*Password* %n\n *New*Password* %n\n *Retype*New*Password* %n\n --hth -- Best regards, Ken Gunderson Q: Because it reverses the logical flow of conversation. A: Why is putting a reply at the top of the message frowned upon?