please help me. Why I cannot create a user with smbpasswd without having this username in /etc/passwd??? ################### bash-2.05# smbpasswd -a testaccount New SMB password: Retype new SMB password: Failed to initialise SAM_ACCOUNT for user testaccount. Failed to modify password entry for user testaccount bash-2.05# ############## my global in smb.conf [global] workgroup = J9_C server string = %h server (Samba %v) dns proxy = no log file = /usr/local/samba/var/log.%m passdb backend = tdbsam smbpasswd invalid users = root passwd program = /bin/passwd %u socket options = TCP_NODELAY I compilled my samba using ./configure --prefix=/usr/local/samba --with-pam --with-pam_smbpass --with-acl-support and made a solaris package.
Samba utilizes the UNIX File permissions for telling Windows machines who can do what with a file. Due to this, you have a decent User and Group set of controls you can place on the files/directories that you choose to share with Samba. Without having users in the passwd file, Samba wouldn't be able to utilize those access rights. Yeah, it can be a paine, but it does a good job. If having multiple user account information to track is a pain, may I suggest converting to NIS or LDAP for user authentication? -Rob Alexander Varga wrote:>please help me. >Why I cannot create a user with smbpasswd without having this username in /etc/passwd??? >################### >bash-2.05# smbpasswd -a testaccount >New SMB password: >Retype new SMB password: > >Failed to initialise SAM_ACCOUNT for user testaccount. >Failed to modify password entry for user testaccount >bash-2.05# >############## >my global in smb.conf >[global] > workgroup = J9_C > server string = %h server (Samba %v) > dns proxy = no > log file = /usr/local/samba/var/log.%m > passdb backend = tdbsam smbpasswd > invalid users = root > passwd program = /bin/passwd %u > socket options = TCP_NODELAY > >I compilled my samba using >./configure --prefix=/usr/local/samba --with-pam --with-pam_smbpass --with-acl-support >and made a solaris package. > > > > >
Thanx ...and yes. It is realy a big trouble with lot of users. I tryed ldap, but hence my LDAP server is an Novel eDirectory, I am not realy familiar with it and couldn't find any advice on google to configurte it right(the problem I have is to use the right filters while searchyng the LDAP accounts and rights). I read about winbind. ... would it be a solution for me, or better try it once again with LDAP? I need also do manage access to directoryes with restrictions. maybe pam could do that. ... some suggestions?>>> Robert Adkins <radkins@impelind.com> 06/29/04 04:20PM >>>Samba utilizes the UNIX File permissions for telling Windows machines who can do what with a file. Due to this, you have a decent User and Group set of controls you can place on the files/directories that you choose to share with Samba. Without having users in the passwd file, Samba wouldn't be able to utilize those access rights. Yeah, it can be a paine, but it does a good job. If having multiple user account information to track is a pain, may I suggest converting to NIS or LDAP for user authentication? -Rob Alexander Varga wrote:>please help me. >Why I cannot create a user with smbpasswd without having this username in /etc/passwd??? >################### >bash-2.05# smbpasswd -a testaccount >New SMB password: >Retype new SMB password: > >Failed to initialise SAM_ACCOUNT for user testaccount. >Failed to modify password entry for user testaccount >bash-2.05# >############## >my global in smb.conf >[global] > workgroup = J9_C > server string = %h server (Samba %v) > dns proxy = no > log file = /usr/local/samba/var/log.%m > passdb backend = tdbsam smbpasswd > invalid users = root > passwd program = /bin/passwd %u > socket options = TCP_NODELAY > >I compilled my samba using >./configure --prefix=/usr/local/samba --with-pam --with-pam_smbpass --with-acl-support >and made a solaris package. > > > > >
Alexander Varga wrote:>Thanx >...and yes. It is realy a big trouble with lot of users. I tryed ldap, but hence my LDAP server is an Novel eDirectory, I am not realy familiar with it and couldn't find any advice on google to configurte it right(the problem I have is to use the right filters while searchyng the LDAP accounts and rights). >I read about winbind. ... would it be a solution for me, or better try it once again with LDAP? >I need also do manage access to directoryes with restrictions. maybe pam could do that. >... some suggestions? > > >Unless I am mistaken, PAM is the combination passwd/group file with a seperate smbpasswd file. From what you are saying, that's not what you want. LDAP is what I would focus on and only because you seem to already have a working LDAP installation running.. If you are still in your early stages with this server (If it is a Linux Server) you could give it a reinstall, I know that during the (Expert) installation process of several different distributions you are asked what kind of authentication model you wish to use, I know that LDAP is one of the choices and it might be easier to configure that during the install then after the initial install of the OS. Believe me when I say this, I am totally lost when it comes to LDAP Authentication.and the above is just a guess. I am very far from an expert here, I am also not very familar with Winbind. I am mearly okay with a few areas of setting up Samba, nothing more. Good luck! -Rob