samba - Aug 2002 - Samba/Linux - Password synchronization problem - solved!!!

ok!

i did everything  as John said and it works!

" %o " is not necessary. so there must be a mistake in the 
book "using samba".

thanks for helping

slawek


----- Original Message -----
From: "John Benedetto" <jbenedet@unm.edu>
To: "Rasmus Reinholdt Nielsen" <rasmus@narani.dk>; "Slawek
W"
<to-slawek@wp.pl>; <samba@lists.samba.org>
Sent: Tuesday, August 13, 2002 4:24 PM
Subject: Re: [SAMBA] Samba/Linux - Password synchronization 
problem


-On Tuesday, August 13, 2002 10:06 AM +0200 Rasmus Reinholdt 
Nielsen
<rasmus@narani.dk> wrote:
> Hi
>
> the "  unix password sync = yes " works the other way around, 
meaning
> that when you change the unix password the samba one is also 
changed. I'm
> not sure you can do it the way you describe.
>
> Rasmus
Unless it's been changed since 2.0.10, the help screens on my 
swat say
different:  They say that when the SMB password is changed, it 
changes the
Unix password as well...

"unix password sync (G)
This boolean parameter controls whether Samba attempts to 
synchronize the
UNIX password with the SMB password when the encrypted SMB 
password in the
smbpasswd file is changed. If this is set to true the program 
specified in
the "passwd program" parameter is called *AS ROOT* - to allow 
the new UNIX
password to be set without access to the old UNIX password (as 
the SMB
password has change code has no access to the old password 
cleartext, only
the new). By default this is set to "false". "

NOw, that might also list the solution for Slawek... you should 
NOT NEED
the %o substitution, because the passwd program is "called as 
root", so you
do not need the old password.  That would mean that you need to 
do your
testing as root, and you *DO* need to change your password 
chat.  Perhaps
you might want to play with the "password chat debug" setting, 
and see what
shows up in your logs (but don't forget to turn it off when 
you're done
testing!)

- john
>
>
> At 09:53 13-08-2002 +0200, Slawek W wrote:
>
>
>> hi, friends!
>>
>>
>> i have samba on mandrake.
>>
>> i want to set encrypted passwords for win98 winNT clients, and
>> also i want to set passwords synchronization to automatically
>> update a user's regular Unix password when the encrypted samba
>> password is changed on the system.
>> i can change user's passwords for samba but synchronization
>> doesn't work.
>>
>> here are some lines from my smb.conf and 'testparm'. what 
causes
>> the ERROR ???
>>
>> --------------------------------------------------------------
--
>> --------------------------------------------------------------
--
>>
>> Load smb config files from smb.conf
>> Processing section "[homes]"
>> Processing section "[test1]"
>> Processing section "[test2]"
>> Processing section "[test3]"
>> Processing section "[samba]"
>> Loaded services file OK.
>> ERROR: the 'passwd chat' script [*passw* %o\n *new*passw* %n\n
>> *new*passw* %n\n *success*] expects to use the old plaintext
>> password via the %o substitution. With encrypted passwords 
this
>> is not possible.
>> Press enter to see a dump of your service definitions
>>
>>
>> ;
>> ; ---------------------------------------------------------
>> ; [globals]      Security and Domain Logon Services
>> ; ---------------------------------------------------------
>> ;
>>     security = user
>> ;
>>     encrypt passwords = yes
>> ;
>>     password level = 1
>> ;
>>     smb passwd file = /etc/samba/private/smbpasswd
>> ;
>>     unix password sync = yes
>> ;
>>     passwd program = /usr/bin/passwd %u
>> ;
>>     passwd chat = *passw* %o\n *new*passw* %n\n *new*passw* %
>> n\n
>> *success*
>> ;
>>     passwd chat debug = yes
>> ;
>>     log level = 100
>> ;
>>     guest account = nobody
>> ;
>> --------------------------------------------------------------
--
>> --------------------------------------------------------------
--
>>
>>
>>
>> i am sure that 'passwd chat' is ok. for my mandrake.
>>
>> slawek
>>
>>
>>
>>


-----------------------------------------------------------------------
Krak?w, Sopot, Zakopane, Hel - miasto na lato :-)
Zaprasza sie? wakacyjnych serwis?w informacyjnych < http://naszemiasto.pl
>