Andrea Bencini escreveu:
SWAT's help files are a good resource, as shown below.
Dale
I will explain you my question.
I have installed samba-3.0.28-0 like PDC and I have only some Xp prof
clients.
In "global" section of smb.conf I have set
passdb backend = tdbsam
unix password sync = no
encrypt password = yes
I have NOT set "passwd program" and "passwd chat"
Then, with pdbedit, I have set password expired.
I can change the password, when it is expired, from Xp prof client.
The question is:
Are "passwd program" and "passwd chat" part of the suit to change the
password?
Yes.
I have NOT used them, but I can change anyway the passwords; then when
should I use
them? In which situation?
As already said, the man page are very clear. The password program is
the program used to change UNIX passwords. And UNIX passwords are not,
lets say, "samba passwords".
Samba maintains its hashes by its own (that only it uses), but the UNIX
part is configurable.
These options are used if you enable back the unix password sync. Theres
some other options used with LDAP too.
What you will notice if you not sync the UNIX part, is that these
accounts would not be able to be used with the same password by other
services (that don't use the samba NT and LM hashes to authenticate),
you will not be able to log in a shell, for example.
The password chat is the configuration used to know when to feed or to
consider the output a response to the password program, as password
programs doesn't accept passwords in their command line for security
reasons. It works like a program called expect that is used for the same
purpose in automated configurations.
Use these options together if you plan to sync the UNIX part of the set
of passwords with the samba part and you are not using LDAP.
Thanks
Andrea
Regards.
Edmundo Valle Neto
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
