Chunduru, Krishnachaithanya
2017-Aug-04 12:53 UTC
[Samba] Authentication issues with Samba 4.3.8
Hi Rowland/All, I want to sync the local /etc/passwd to smbpasswd database in Aix. Can someone please help with any tools or scripts available to proceed further. Setting up a domain level user for all the samba users is tough for us right now. Regards, Krishna -----Original Message----- From: samba [mailto:samba-bounces at lists.samba.org] On Behalf Of Rowland Penny via samba Sent: Tuesday, July 04, 2017 2:42 PM To: samba at lists.samba.org Subject: Re: [Samba] Authentication issues with Samba 4.3.8 On Tue, 4 Jul 2017 14:25:48 +0530 "Chunduru, Krishnachaithanya" <Krishnachaithanya.Chunduru at broadridge.com> wrote:> Hi, > > The users are created locally, each user have their own workstation. > The workstation id and the unix id are different. > > Users will try to access the share with the unix local account only. > > All the VM's are part of domain, so users will first login to their > stations using domain id and then will access the share using unix > local id. Thank you. >OK, that isn't easy to understand, but I think you mean your users log into a Windows domain computer then connect to your Samba standalone server, is this correct ? If it is correct, WHY? Doing it this way, means you have to create the users three times! If the user changes their password, it also needs to be changed on the standalone server. Have you considered using a Unix domain member instead, this way you only create the user once. See here for more info: https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member I would suggest using the 'rid' backend if you do go this way. Rowland -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail and delete the message and any attachments from your system.
On Fri, 4 Aug 2017 18:23:23 +0530 "Chunduru, Krishnachaithanya via samba" <samba at lists.samba.org> wrote:> Hi Rowland/All, > > I want to sync the local /etc/passwd to smbpasswd database in Aix. > Can someone please help with any tools or scripts available to > proceed further. > > Setting up a domain level user for all the samba users is tough for > us right now.What is tough about adding a few lines to smb.conf, then joining the machine to the domain and all your users being available without touching /etc/passwd ??? Rowland
Chunduru, Krishnachaithanya
2017-Aug-04 14:26 UTC
[Samba] Authentication issues with Samba 4.3.8
Hi, Changing the configuration file is not a problem, but each share have around 100+ users using it. So if I need to use AD authentication then I need to add all these users to a single domain, whereas we have 2 or 3 domains. Regards, Krishna -----Original Message----- From: samba [mailto:samba-bounces at lists.samba.org] On Behalf Of Rowland Penny via samba Sent: Friday, August 04, 2017 7:43 PM To: samba at lists.samba.org Subject: Re: [Samba] Authentication issues with Samba 4.3.8 On Fri, 4 Aug 2017 18:23:23 +0530 "Chunduru, Krishnachaithanya via samba" <samba at lists.samba.org> wrote:> Hi Rowland/All, > > I want to sync the local /etc/passwd to smbpasswd database in Aix. > Can someone please help with any tools or scripts available to proceed > further. > > Setting up a domain level user for all the samba users is tough for us > right now.What is tough about adding a few lines to smb.conf, then joining the machine to the domain and all your users being available without touching /etc/passwd ??? Rowland -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail and delete the message and any attachments from your system.
On Fri, 2017-08-04 at 18:23 +0530, Chunduru, Krishnachaithanya via samba wrote:> Hi Rowland/All, > > I want to sync the local /etc/passwd to smbpasswd database in Aix. Can someone please help with any tools or scripts available to proceed further. > > Setting up a domain level user for all the samba users is tough for us right now.The best I can suggest is that you ask your users to change their passwords via Samba, and have 'passwd program' and 'unix password sync' via 'passwd chat'. See the smb.conf manpage. It wouldn't help on AIX, but for others: pam_smbpass did this, but has been removed as it loaded substantial fractions of Samba into arbitrary processes as a plugin, which didn't go well for many reasons, but as an example when we reset global variables like the syslog name... Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba