if you have
unix password sync = Yes
and your passwd program = and passwd chat = lines set correctly, in XP,
a user will hit ctrl alt del and click on change password, and put in
their old and new password, and then samba will write their new password
to /etc/samba/smbpasswd and then run the passwd program to change the
user's linux shell password. i don't think you'll need to do anything
special and pam for that. i didn't with out of the box fedora and
centos installations anyway.
Parag Kalra wrote:
Hello all,
I am getting confused?
Is it possible to reflect the changes made in /etc/passwd on
/etc/samba/smbpasswd or is it vice versa?
What exactly does " unix password sync = Yes " do ?
Also I found a work around from following URL:
http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/pam.html#id431902
I don't know where to place the following entry:
[#%PAM-1.0
# password-sync
#
auth requisite pam_nologin.so
auth required pam_unix.so
account required pam_unix.so
password requisite pam_cracklib.so retry=3
password requisite pam_unix.so shadow md5 use_authtok try_first_pass
password required pam_smbpass.so nullok use_authtok try_first_pass
session required pam_unix.so]
Do I need to need to create a new file "/etc/pam.d/"? If yes then by
what name and what all services do I need to run apart from smb?
Thanks and Regards,
Parag Kalra
On 2/5/08, Adam Williams <[EMAIL PROTECTED]> wrote:
this is my passwd chat for RHEL:
passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n
*passwd:*all*authentication*tokens*updated*successfully*
Parag Kalra wrote:
I am using RHEL 4 U5.
The enteries under concern are:
unix password sync = Yes
passwd program = /usr/bin/passwd %u
passwd chat = "*enter old password*" %o\\n "*Enter NEW password*" %n\\n
"*reenter New passwd*" %n\\n "*password changed*"
username map = /etc/samba/smbusers
Also to view the entire file please see the attachment.
--
Parag Kalra
On Feb 5, 2008 5:37 AM, Rubin Bennett <[EMAIL PROTECTED]> wrote:
Ok, I assume that your system does have a pam auth subsystem?
What distro are you on, and may we see your smb.conf (you can omit the
share definitions)?
Rubin
On Tue, 2008-02-05 at 05:26 +0530, Parag Kalra wrote:
Yes I have restarted smb but still no fruits.
Also placing "passwd chat debug = yes" didn't generate any log
in /var/log/samba/smd.log
Could anyone please explain the following:
[If you want to keep using passwd instead of PAM, could you write a
wrapper/replacement for passwd that logs everything that happens?]
--
Parag Kalra
On Feb 5, 2008 5:11 AM, Rubin Bennett <[EMAIL PROTECTED]> wrote:
Did you restart samba (/etc/init.d/smb restart)?
You need to at least do a reload (/etc/init.d/smb reload) for
config
file changes to be read.
Rubin
On Tue, 2008-02-05 at 08:09 +0900, Michael Heydon wrote:
> Parag Kalra wrote:
> > Hi Rubin,
> >
> > I made the changes suggested by you but still its not
working.
> >
> > --
> > Parag Kalra
> >
> > On Feb 5, 2008 3:29 AM, Rubin Bennett
<[EMAIL PROTECTED]> wrote:
> >
> >
> >> On Tue, 2008-02-05 at 02:26 +0530, Parag Kalra wrote:
> >>
> >>> Hello all,
> >>>
> >>> I am trying to change the linux login password through
the smbpasswd
> >>> command by placing following parameters in smb.conf
file:
> >>>
> >>> unix password sync = Yes
> >>> passwd program = /usr/bin/passwd %u
> >>> passwd chat = "*enter old password*" %o\\n "*Enter NEW
password*"
> >>> %n\\n "*reenter New passwd*" %n\\n "*password changed*"
> >>>
> >>>
> >> testparm is your friend :) It should complain about the
passwd command,
> >> and for good reason; it shouldn't be there. Use:
> >> pam password change = yes
> >> instead, and get rid of the passwd program and passwd
chat lines.
> >>
> >>
> PAM is far from universal, there are plenty of OSes and
distros that do
> not include PAM. The man page doesn't say anything about
passwd program
> being depreciated, why would testparm complain about it?
>
> Are you getting anything in the logs when trying to reset
the password?
> Have you tried enabling passwd chat debug (you may have to
up your log
> level as well)? If you want to keep using passwd instead of
PAM, could
> you write a wrapper/replacement for passwd that logs
everything that
> happens?
> >> HTH,
> >> Rubin
> >>
> >>
> >
>
> *Michael Heydon - IT Administrator *
> [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
--
Rubin Bennett
RB Technologies
http://thatitguy.com
[EMAIL PROTECTED]
(802)223-4448
"They that can give up essential liberty to obtain a little
temporary security deserve neither liberty nor safety"
--Benjamin Franklin, Historical Review of Pennsylvania, 1759
--
Love,
PARAG . A . KALRA
Good judgment comes from experience, and experience comes from bad
judgment
http://discoverlinux.blogspot.com
Debian Linux! A Dawn of New Era!
--
Rubin Bennett
RB Technologies
http://thatitguy.com
[EMAIL PROTECTED]
(802)223-4448
"They that can give up essential liberty to obtain a little
temporary security deserve neither liberty nor safety"
--Benjamin Franklin, Historical Review of Pennsylvania, 1759
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
