On Thursday 13 October 2005 12:36, Ross Boylan wrote: > I'm running samba 3.0.14a-6 on Debian GNU/Linux 2.4. I believe that I > should be using pdbedit to add or modify users and their passwords, > but I want to double-check that. I'd also like to suggest the > documentation could be clearer.
Please direct me to the specific sections of the documentation that you referred to to help me to understand where I have messed up. Humble apologies if I have written bad documentation. Please help me to find my errors so I can fix them. > I had earlier versions installed, and the upgraded seems to have > migrated me to the new password scheme. smb.conf has "passdb backend = > tdbsam guest"; there is no smbpasswd file in the location designated > in smb.conf or anywhere else according to locate; and there are > various tdb files. > > First uncertainty: is the smbpasswd program a general front end, like > pdbedit, or does it only work with the smbpasswd back end and file? > The man page and other documentation (e.g., 10.3 of the How To) seem > to provide evidence for both interpretations. The smbpasswd program uses the first argument (reading from left to right) that has been specified to the passdb backend parameter in the smb.conf file. > Second uncertainty: the smb.conf man page, in the section "Note About > Username/Password Validation" discusses authentication mechanisms. It > doesn't look to me as if the samba backend figure in this discussion. > The first item refers to "the UNIX system's password programs"; to me > this means this means the usual Unix mechanisms for password > verification and not SAMBA's special facilities. However, those may > be programs, and they are on a UNIX system, so maybe that is > intended. This is the only password matching mechanism discussed > explicitly in the whole section. This section contains no hint of the > issues with encrypted vs clear-text passwords. > > The simple fact that one needs to set up users and passwords, at least > in some configurations (namely, the recommended ones for NT clients), > was not something that was obvious to me from the man pages, the How > To, and the cookbook. It was so unobvious that I began to doubt it > was necessary, even though I had done it a few years ago (and since > kind of forgotten). > > To summarize the question and the comment: > > Given "passdb backend = tdbsam guest", " encrypt passwords = true", > and NT clients, does the smbpasswd command work on my system? Yes. If you execute "smbpasswd -a 'username'" it will add the SambaSAM account enttry to the tdbsam backend. This data will be written to the passdb.tdb file in the /etc/samba directory (Linux). > Comment: the documentation on the use and setup of passwords was > obscure to me. A few strategically placed sentences could help a lot > to clarify things Once you figure this out please email me your corrections/clarifications to the documentation. When will you contribute this vital information? - John T. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba