Hi all, Is there any way to automatically update the samba password when a user changes his unix account password using the passwd command. I want samba to look in passwd file for authentication. I dont want to create two accounts one for local unix and then for the samba. I am not planning to deploy ldap as a solution. Is there any workaround. Anish ___________________________________________________________ ALL-NEW Yahoo! Messenger - all new features - even more fun! http://uk.messenger.yahoo.com
On Tue, 2004-12-21 at 13:45, Anish Mathew wrote:> Hi all, > > Is there any way to automatically update the samba > password when a user changes his unix account password > using the passwd command.Short Answer - Yes.> > I want samba to look in passwd file for > authentication. I dont want to create two accounts one > for local unix and then for the samba.How to get passwd to sync both Linux and smbpasswd Update : Ow Mun Heng Date : Long Time Ago The pam_smbpass PAM module can be used to sync users' Samba passwords with their system passwords when the passwd command is used. If a user invokes the passwd command, the password he uses to log in to the Red Hat Linux system as well as the password he must provide to connect to a Samba share are changed. To enable this feature, add the following line to /etc/pam.d/system-auth below the pam_cracklib.so invocation: password required /lib/security/pam_smbpass.so nullok use_authtok try_first_pass This module is incorporated into the samba source/rpm package #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. auth required /lib/security/pam_env.so auth sufficient /lib/security/pam_unix.so likeauth nullok auth required /lib/security/pam_deny.so account required /lib/security/pam_unix.so password required /lib/security/pam_cracklib.so retry=3 typepassword required /lib/security/pam_smbpass.so nullok use_authtok try_first_pass password sufficient /lib/security/pam_unix.so nullok use_authtok md5 shadow password required /lib/security/pam_deny.so session required /lib/security/pam_limits.so session required /lib/security/pam_unix.so # less /usr/share/doc/samba-2.2.7/docs/pam_smbpass/README -- Ow Mun Heng Gentoo/Linux on D600 1.4Ghz 98% Microsoft(tm) Free!! Neuromancer 14:06:56 up 4:56, 6 users, 0.47, 0.55, 0.25
Bradley, James D. CONT (EAGAN, MCALLISTER ASSOC Dept 723)
2004-Dec-21 13:57 UTC
[Samba] Unix password synch
I have a related question (if this is the right place to ask...). I'm
using pam_krb5 to authenticate users against an ADS domain, which works
well. They can also change their AD account password with the passwd
command. What I would like to happen is both the AD account and local
(Unix) account passwords get changed at the same time (that way users
could still log in with their "usual" password, even if there was some
loss of connectivity to the AD server). Here's my current setup for
password:
password sufficient pam_krb5.so
password required pam_unix.so try_first_pass nullok obscure \
min=4 max=8 md5
What happens here is, the AD password gets changed, but the Unix
password is untouched (I've tried making the pam_krb5 line
"optional" as
well, but that doesn't work either). What's worse, I can't change
passwords for local-only accounts (like root) at all. I have to comment
out the pam_krb5 line to do that. I'm running Debian 3.1 (Sarge),
libpam-krb5 1.0-10. Can anyone help?
Thanks,
James
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
James Bradley
Eagan, McAllister & Associates
james.d.bradley@navy.mil
-----Original Message-----
From: samba-bounces+james.d.bradley=navy.mil@lists.samba.org
[mailto:samba-bounces+james.d.bradley=navy.mil@lists.samba.org] On
Behalf Of Ow Mun Heng
Sent: Tuesday, December 21, 2004 1:10 AM
To: Samba-list
Subject: Re: [Samba] Unix password synch
On Tue, 2004-12-21 at 13:45, Anish Mathew wrote:> Hi all,
>
> Is there any way to automatically update the samba
> password when a user changes his unix account password
> using the passwd command.
Short Answer - Yes.>
> I want samba to look in passwd file for
> authentication. I dont want to create two accounts one
> for local unix and then for the samba.
How to get passwd to sync both Linux and smbpasswd
Update : Ow Mun Heng
Date : Long Time Ago
The pam_smbpass PAM module can be used to sync users' Samba passwords
with their system passwords when the passwd command is used. If a user
invokes the passwd command, the password he uses to log in to the Red
Hat Linux system as well as the password he must provide to connect to a
Samba share are changed.
To enable this feature, add the following line to /etc/pam.d/system-auth
below the pam_cracklib.so invocation:
password required /lib/security/pam_smbpass.so nullok use_authtok
try_first_pass
This module is incorporated into the samba source/rpm package
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required /lib/security/pam_env.so
auth sufficient /lib/security/pam_unix.so likeauth nullok
auth required /lib/security/pam_deny.so
account required /lib/security/pam_unix.so
password required /lib/security/pam_cracklib.so retry=3 typepassword
required /lib/security/pam_smbpass.so nullok
use_authtok try_first_pass
password sufficient /lib/security/pam_unix.so nullok use_authtok
md5 shadow
password required /lib/security/pam_deny.so
session required /lib/security/pam_limits.so
session required /lib/security/pam_unix.so
# less /usr/share/doc/samba-2.2.7/docs/pam_smbpass/README
--
Ow Mun Heng
Gentoo/Linux on D600 1.4Ghz
98% Microsoft(tm) Free!!
Neuromancer 14:06:56 up 4:56, 6 users, 0.47, 0.55, 0.25
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba