Re: [Samba] smbpasswd not working
On Fri, Jan 20, 2012 at 02:01:29AM +1100, John Tate wrote: When I used smbpasswd it gives me the following error... root@hayek:~# smbpasswd john New SMB password: Retype new SMB password: Failed to find entry for user john. This is despite the existence of the user root@hayek:~# cat /etc/samba/smbpasswd # # SMB password file. # nobody:65534:::[U ]:LCT-:nobody john:1000:::[U ]:LCT-:John Tate,,, I do not understand what is going on. I really need to get this working. You might be running with passdb backend = tdbsam (the default right now). In that case, the smbpasswd file is no longer used. It's replaced by a file called passdb.tdb. With best regards, Volker Lendecke -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] smbpasswd not working
Hallo, John, Du meintest am 20.01.12: root@hayek:~# smbpasswd john New SMB password: Retype new SMB password: Failed to find entry for user john. This is despite the existence of the user root@hayek:~# cat /etc/samba/smbpasswd # # SMB password file. # nobody:65534::XXX X:[U ]:LCT-:nobody john:1000::XX XX:[U ]:LCT-:John Tate,,, Tells pdbedit -Lw -u john the same contents? And - please - don't show this contents (at least the unchanged contents); it's very simple to restore the original password from this contents. Additional (related to Volkers answer): what tells testparm -sv 2/dev/null | grep backend Viele Gruesse! Helmut -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] smbpasswd not working
On Fri, Jan 20, 2012 at 2:15 AM, Helmut Hullen hul...@t-online.de wrote: Hallo, John, Du meintest am 20.01.12: root@hayek:~# smbpasswd john New SMB password: Retype new SMB password: Failed to find entry for user john. This is despite the existence of the user root@hayek:~# cat /etc/samba/smbpasswd # # SMB password file. # nobody:65534::XXX X:[U ]:LCT-:nobody john:1000::XX XX:[U ]:LCT-:John Tate,,, Tells pdbedit -Lw -u john the same contents? And - please - don't show this contents (at least the unchanged contents); it's very simple to restore the original password from this contents. Additional (related to Volkers answer): what tells testparm -sv 2/dev/null | grep backend root@hayek:~# testparm -sv 2/dev/null | grep backend passdb backend = tdbsam idmap backend = tdb idmap config * : backend = tdb Yeah I'm using a different backend to what I thought. I've actually not configured samba on Linux in a long time. Some things have changed it seems I'll just have to catch up on the docs. I know what area I'm wrong in now so thanks. Viele Gruesse! Helmut -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- www.johntate.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] smbpasswd fails
On Mon, Apr 12, 2010 at 3:23 PM, Chris Smith smb...@chrissmith.org wrote: Any clues? Does smbpasswd just not work as a user with NTLMv2? Is this documented anywhere? The problem is that I'm trying to test unix password sync and don't have a windows box. Running smbpasswd as root or using pdbedit update the database directly and do not rely on the client/server mode. Is there another way to test unix password sync using NTLMv2 and no windows box? Thanks. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] smbpasswd issue in a migration.
Hi, thank you for answer, in the new server tells (8.04), r...@server:~# which -a smbpasswd /usr/bin/smbpasswd r...@server:~# ls -l /usr/bin/smbpasswd -rwxr-xr-x 1 root root 1307112 2007-02-05 22:14 /usr/bin/smbpasswd In the ubuntu 5.10 (original server), r...@sever:~# which -a smbpasswd /usr/bin/smbpasswd /usr/bin/X11/smbpasswd r...@sever:~# ls -l /usr/bin/smbpasswd -rwxr-xr-x 1 root root 1307112 2007-02-05 22:15 /usr/bin/smbpasswd Thanks, g. -Mensaje original- De: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] En nombre de Helmut Hullen Enviado el: viernes, 05 de febrero de 2010 04:10 a.m. Para: samba@lists.samba.org Asunto: Re: [Samba] smbpasswd issue in a migration. Hallo, Gabriel, Du meintest am 04.02.10: My problem is when I try to change an user?s password. To change from the original server a password I use the command smbpasswd ?user? and it works; but when I try to do the same in the new server I get this error bash: /usr/bin/smbpasswd no such file or directory exist. What tells which -a smbpasswd ls -l /usr/bin/smbpasswd I try to change the password with passwd but then it doesn?t allow me to log on a windows?s terminal with the new password. That's simple: passwd changes (only) the Linux password, and smbpasswd only changes the Samba password. Viele Gruesse! Helmut -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] smbpasswd vs passwd to change
so what's you're question? Nickolas Gray wrote: Not sure if someone here can answer this for me. The OpenLDAP guys have blown me off on this one. I have a standalone server which is using ldap as the passdb backend. I can ssh into an account. I can show that smbclient works -L localhost -U ldaptestuser works. If I change the password using smbpasswd both still work with new password. If i change the password using /usr/bin/passwd I can login interactively with the new password but samba still uses the old password. The relevant part of the smb.conf is [global] workgroup = ISLANDS server string = Samba Server Version %v on Kailua netbios name = kailua hosts allow = 192.168.136. 127. log file = /var/log/samba/%m.log max log size = 50 log level = 10 debug timestamp = yes security = user passdb backend = ldapsam:ldap://127.0.0.1 ldap suffix = dc=local,dc=austin,dc=rr,dc=com ldap user suffix = ou=users ldap group suffix = ou=groups ldap admin dn = cn=root,dc=local,dc=austin,dc=rr,dc=com ldap delete dn = no ldap ssl = no ldap passwd sync = yes local master = yes os level = 33 preferred master = yes load printers = yes cups options = raw restrict anonymous = 2 Thanks, Nick Gray -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] smbpasswd vs passwd to change
On Thu, 2010-02-04 at 10:11 -0600, Adam wrote: so what's you're question? Nickolas Gray wrote: Not sure if someone here can answer this for me. The OpenLDAP guys have blown me off on this one. Don't feel bad; providing opportunities to blow people off is the primarily purpose of their listserv. I have a standalone server which is using ldap as the passdb backend. I can ssh into an account. I can show that smbclient works -L localhost -U ldaptestuser works. If I change the password using smbpasswd both still work with new password. If i change the password using /usr/bin/passwd I can login interactively with the new password but samba still uses the old password. Of course. passwd does not update the SAM password attributes. With a Samba 3.x SAM you have [at least] two passwords in your LDAP object - userpassword and sambantpassword. Samba may know to update all the password entries, and potentially other meta-data, but passwd certainly does not. Unless you've been successful at configuring the smbk5pwd module and are performing password changes via the password change extended operation. This is covered in the official documentation somwhere. -- OpenGroupware developer: awill...@whitemice.org http://whitemiceconsulting.blogspot.com/ OpenGroupare Cyrus IMAPd documenation @ http://docs.opengroupware.org/Members/whitemice/wmogag/file_view -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] smbpasswd issue in a migration.
Hallo, Gabriel, Du meintest am 04.02.10: My problem is when I try to change an user?s password. To change from the original server a password I use the command smbpasswd ?user? and it works; but when I try to do the same in the new server I get this error bash: /usr/bin/smbpasswd no such file or directory exist. What tells which -a smbpasswd ls -l /usr/bin/smbpasswd I try to change the password with passwd but then it doesn?t allow me to log on a windows?s terminal with the new password. That's simple: passwd changes (only) the Linux password, and smbpasswd only changes the Samba password. Viele Gruesse! Helmut -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] smbpasswd: where's the file of password?
On 11/17/09 14:43, Pol Hallen wrote: Hi all :-) I compiled samba on my debian stable (all bin are in /usr/local/samba/bin/), smbpasswd too. I use it but I don't see the smbpasswd password file. Where smbpasswd update own file of passwords? thanks Pol testparm -v should show this. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] ./smbpasswd: symbol lookup error: ./smbpasswd: undefined symbol: _talloc_get_type_abort
2009/11/15 Pol Hallen s...@fuckaround.org: What does ldd ./smbpasswd give you? debian-test-0:/usr/local/samba/bin# ldd smbpasswd linux-gate.so.1 = (0xb7adf000) libresolv.so.2 = /lib/i686/cmov/libresolv.so.2 (0xb7abd000) libnsl.so.1 = /lib/i686/cmov/libnsl.so.1 (0xb7aa4000) libdl.so.2 = /lib/i686/cmov/libdl.so.2 (0xb7a9f000) libtalloc.so.1 = /usr/lib/libtalloc.so.1 (0xb7a97000) libtdb.so.1 = /usr/lib/libtdb.so.1 (0xb7a8a000) libwbclient.so.0 = /usr/lib/libwbclient.so.0 (0xb7a81000) libc.so.6 = /lib/i686/cmov/libc.so.6 (0xb7926000) /lib/ld-linux.so.2 (0xb7ae) Right. So it's using the system libtalloc (and libtdb etc.) instead of the ones you compiled. Try: # echo /usr/local/samba/lib /etc/ld.so.conf.d/00self-compiled-samba # ldconfig Then when you run ldd smbclient again it should point libtalloc.so.1 to /usr/local/samba/lib/libtalloc.so.1. -- Michael Wood esiot...@gmail.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] ./smbpasswd: symbol lookup error: ./smbpasswd: undefined symbol: _talloc_get_type_abort
2009/11/13 Pol Hallen s...@fuckaround.org: Hi folks :-) I compiled samba (latest stable v3.4.3) on my debian stable, everything seems ok but when I try to add new samba user ./smbpasswd: ./smbpasswd: symbol lookup error: ./smbpasswd: undefined symbol: _talloc_get_type_abort I already checked useful libreries but I don't understand this problem. what can I do? What does ldd ./smbpasswd give you? -- Michael Wood esiot...@gmail.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] ./smbpasswd: symbol lookup error: ./smbpasswd: undefined symbol: _talloc_get_type_abort
Michael Wood wrote: 2009/11/13 Pol Hallen s...@fuckaround.org: Hi folks :-) I compiled samba (latest stable v3.4.3) on my debian stable, everything seems ok but when I try to add new samba user ./smbpasswd: ./smbpasswd: symbol lookup error: ./smbpasswd: undefined symbol: _talloc_get_type_abort I already checked useful libreries but I don't understand this problem. what can I do? What does ldd ./smbpasswd give you? I solved this by installing libtalloc1 version 3.4.3 when upgrading from 3.2.7 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] smbpasswd
On Mon, Apr 13, 2009 at 11:46 AM, Res r...@ausics.net wrote: Hi, For automation in Perl scripts that add users, trying to add in smbpasswd, I'm sure, years ago, there was a way of issuing this without drama, now it seems it wont just take the password, is there a hidden option? or can we get -w changed so that it inserts the password into the pass file? `smbpasswd -a foo -w bar`; would be nice and painless for automation without writing yet another messy expect script :) Maybe this can help you ? http://www.programmingforums.org/thread6522.html -- http://vnoss.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] smbpasswd or tdbsam? Which one?
I do use it, though, at it works fine mostly. I've heard it explained that the reasoning for avoiding TDBSAM is that if you're running a PDC, you probably also need features not provided by TDBSAM. In many cases, that isn't exactly accurate. We have MANY users, but our needs are fairly simple (and there are few workstations -- it's just a public lab). I prefer LDAP, but if I was to choose between smbpasswd or tdbsam I would definitely go for the later. The reasons why tdbsam is better are clearly explained on the Samba documentation. See: Samba3-ByExample Samba3-HOWTO Search the PDFs for backend and you will find plenty of information. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd or tdbsam? Which one?
According to the Samba documentation, smbpasswd is not even recommended for a PDC... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd or tdbsam? Which one?
I was asking the same question not too many days ago. I went with LDAP. It is not as difficult as some people think. It seems somewhat daunting at first but then you quickly get the grasp of it. It simply *works* and solves *a lot* of challenges at the same time, leaving you ready for future expansion. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd or tdbsam? Which one?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I think you want tdbsam. There's virtually no downside. =R Aaron Souza wrote: All, I have a site with around 200 concurrent users, with a user count of over a thousand... I'm currently using just one PDC using the smbpasswd backend. I currently do not want to go into an LDAP backend... but would tdbsam be a better alternative? One of the issues I have is, pretty randomly, I have some machines that cannot find the domain controller (dell wireless card utility tells you it cant via login). I'm guessing its because when I grep on 'corrupt' from /var/log/messages, I have many errors because of poor account managment. (exists in smbpaswd but not unix /etc/passwd. ) Thanks for the support. - -- _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Systems Programmer II |$| |__| | | |__/ | \| _| |novos...@umdnj.edu - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent.|IST/AST - NJMS Medical Science Bldg - C630 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkl6QPwACgkQmb+gadEcsb6fsACgqj0/d95xcq/DalFPRljbkhk7 v3kAoMesOSdMaYct3YROfNmPi9DY6Ob2 =Y9XA -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd or tdbsam? Which one?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Miguel Medalha wrote: According to the Samba documentation, smbpasswd is not even recommended for a PDC... I do use it, though, at it works fine mostly. I've heard it explained that the reasoning for avoiding TDBSAM is that if you're running a PDC, you probably also need features not provided by TDBSAM. In many cases, that isn't exactly accurate. We have MANY users, but our needs are fairly simple (and there are few workstations -- it's just a public lab). - -- _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Systems Programmer II |$| |__| | | |__/ | \| _| |novos...@umdnj.edu - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent.|IST/AST - NJMS Medical Science Bldg - C630 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkl6TPoACgkQmb+gadEcsb6KJgCg5FJq0+rb0Zp70u1nLhTSje0E xokAoNd3U8i/1CxknkSWmZ7Mq+a95oWR =niPb -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd web frontend
Michael Mohn ha scritto: I would try a minimal setup of webmin. Thanks. I tried this today, but, even with only the samba module loaded, it still has too many features, which I don't want to give to my users. I ended up wrapping smbpasswd in a cgi script. Ugly and risky, but I guess it's the less worst thing. bye Thanks av. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd web frontend
Am 08.09.2008 um 21:07 schrieb Andrea Venturoli: Michael Mohn ha scritto: I would try a minimal setup of webmin. Thanks. I tried this today, but, even with only the samba module loaded, it still has too many features, which I don't want to give to my users. I ended up wrapping smbpasswd in a cgi script. Ugly and risky, but I guess it's the less worst thing. in a second thought: maybe there is something like a addon for usermin (webmins user-centered part). maybe you should try google on this ;) bye, Michael. PGP.sig Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd web frontend
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Andrea Venturoli wrote: Michael Mohn ha scritto: I would try a minimal setup of webmin. Thanks. I tried this today, but, even with only the samba module loaded, it still has too many features, which I don't want to give to my users. I ended up wrapping smbpasswd in a cgi script. Ugly and risky, but I guess it's the less worst thing. Did you try swat? - -- _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Systems Programmer II |$| |__| | | |__/ | \| _| |[EMAIL PROTECTED] - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent.|IST/AST - NJMS Medical Science Bldg - C630 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIxYmZmb+gadEcsb4RAtUGAJ9y/c1POXphlrYQhNFznMzq6oo2qgCfRsZH YKX6LSVc9Q+OCambxCrm5ns= =6aUg -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd web frontend
Am 03.09.2008 um 11:51 schrieb Andrea Venturoli: Hello. Before starting to write such a thing myself, I'm asking whether it already exists. What I want is the ability to give a non-technical admin the ability to change passwords for any user. This web page will obviusly be protected and only accessible to him. The thing should be as simple as possible; I don't need UNIX password sync, the ability to add or remove users, or any other feature. I also guess that the web way would be the easiest, but I'm open to other solutions. I would try a minimal setup of webmin. bye, Michael. PGP.sig Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Smbpasswd help101
Hi Cao, Minh, *, Cao, Minh schrieb: Hi, I am using samba 3 came with redhat 5.1 , samba-3.0.25b-0.el5.4 Please help to answer these questions 1/ How can I can smb.conf to use /etc/samba/smbpasswd file ? 2/ What is the default 'security' on samba 3 user ? 3/ Does the lines start with a ; (semi-colo) are default configuration ? example ; security = user The answers You will get calling man smb.conf on Your shell prompt This email contains confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited. If you are not the intended recipient (or authorized to receive for the recipient), please contact the sender by reply email and delete all copies of this message. really?? Then a public mailing list might not be a good place for it. :o)) -- Friedrich beste Grüße/best regards von der/from the Sonnenalb - Germany -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd database is corrupt!
Just taking a stab at this but did you modify nsswitch.conf to look in the LDAP server. I believe this is where you would set it to look for authentication info other than files - Original Message - From: Adam Williams [EMAIL PROTECTED] To: Samba samba@lists.samba.org Sent: Friday, January 25, 2008 10:28 AM Subject: [Samba] smbpasswd database is corrupt! I added myself into OpenLDAP and deleted my user account from /etc/passwd. Now samba complains in the log file: Jan 25 10:17:56 roark smbd[2767]: build_sam_account: smbpasswd database is corrupt! username awilliam with uid 511 is not in unix passwd database! however, I'm resolving my awilliam with nss_ldap, so I can ssh and su -l awilliam fine. so shouldn't samba be able to get the user awilliam w/ uid 511 out of ldap via nss_ldap instead of looking for it directly in /etc/passwd? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd database is corrupt!
i did, otherwise I wouldn't be able to ssh in and su -l to awilliam. [EMAIL PROTECTED] ldap]# cat /etc/nsswitch.conf |grep ldap passwd: files ldap shadow: files ldap group: files ldap protocols: files ldap services: files ldap netgroup: files ldap automount: files ldap Robert Pollard wrote: Just taking a stab at this but did you modify nsswitch.conf to look in the LDAP server. I believe this is where you would set it to look for authentication info other than files - Original Message - From: Adam Williams [EMAIL PROTECTED] To: Samba samba@lists.samba.org Sent: Friday, January 25, 2008 10:28 AM Subject: [Samba] smbpasswd database is corrupt! I added myself into OpenLDAP and deleted my user account from /etc/passwd. Now samba complains in the log file: Jan 25 10:17:56 roark smbd[2767]: build_sam_account: smbpasswd database is corrupt! username awilliam with uid 511 is not in unix passwd database! however, I'm resolving my awilliam with nss_ldap, so I can ssh and su -l awilliam fine. so shouldn't samba be able to get the user awilliam w/ uid 511 out of ldap via nss_ldap instead of looking for it directly in /etc/passwd? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd and 8 character limit
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 This is the most current, I would think, source of information on Solaris (since it is newer than Solaris 10, even). There would be a rather large implication here that larger than 8 character names will present a problem: http://www.opensolaris.org/os/community/security/library/long_usernames/ Gaiseric Vandal wrote: The problem is with passwords that exceed 8 characters, not usernames. Solaris (at least Solaris 9 ) will let you create usernames with more than 8 characters- (although it complains about.) Most of the usernames are 8 characters or less, including the test account.And I would think that the unix password store is usually irrelevant to samba anyway (with the exception of password syncing.) Older versions of Solaris did have an issue with unix passwd length (basically any characters beyond 8 were ignored.)Switching from DES to MD5 password encryption seems to have fixed this. I will try compiling 3.026a on a linux box (or 3.024 on solaris) and see if it really is Solaris specific. On Nov 7, 2007 4:14 PM, Ryan Novosielski [EMAIL PROTECTED] wrote: I can confirm that Solaris only allows 8 character usernames (just looked this up last week). As such, your usage of /etc/passwd (or whatever other PAM backend) is likely the problem. Eric Diven wrote: I'm pretty sure it's Solaris specific, I didn't have problems on my CentOS box I've been using as a reference machine. See this bug in bugzilla: https://bugzilla.samba.org/show_bug.cgi?id=4863 ~Eric -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gaiseric Vandal Sent: Friday, November 02, 2007 5:04 PM To: Samba Subject: [Samba] smbpasswd and 8 character limit The smbpasswd on my PDC (Solaris 9, Samba 3.026a) will truncate or corrupt passwords over 8 chars. The smbpasswd command on the linux clients (Samba 3.024a) is OK. Anyone know if this is a samba version issue or something solaris specific. Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba o/samba - -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba - -- _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Systems Programmer II |$| |__| | | |__/ | \| _| |[EMAIL PROTECTED] - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent.|IST/AST - NJMS Medical Science Bldg - C630 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHM427mb+gadEcsb4RAsK9AJ9ZY/kE5OjI4A1qrbW1wxXkHxiVbwCeL8Hp o1D3lKlSH4Lqa5r7ELl85cU= =WMed -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd and 8 character limit
The problem is with passwords that exceed 8 characters, not usernames. Solaris (at least Solaris 9 ) will let you create usernames with more than 8 characters- (although it complains about.) Most of the usernames are 8 characters or less, including the test account.And I would think that the unix password store is usually irrelevant to samba anyway (with the exception of password syncing.) Older versions of Solaris did have an issue with unix passwd length (basically any characters beyond 8 were ignored.)Switching from DES to MD5 password encryption seems to have fixed this. I will try compiling 3.026a on a linux box (or 3.024 on solaris) and see if it really is Solaris specific. On Nov 7, 2007 4:14 PM, Ryan Novosielski [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I can confirm that Solaris only allows 8 character usernames (just looked this up last week). As such, your usage of /etc/passwd (or whatever other PAM backend) is likely the problem. Eric Diven wrote: I'm pretty sure it's Solaris specific, I didn't have problems on my CentOS box I've been using as a reference machine. See this bug in bugzilla: https://bugzilla.samba.org/show_bug.cgi?id=4863 ~Eric -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gaiseric Vandal Sent: Friday, November 02, 2007 5:04 PM To: Samba Subject: [Samba] smbpasswd and 8 character limit The smbpasswd on my PDC (Solaris 9, Samba 3.026a) will truncate or corrupt passwords over 8 chars. The smbpasswd command on the linux clients (Samba 3.024a) is OK. Anyone know if this is a samba version issue or something solaris specific. Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba o/samba - -- _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Systems Programmer II |$| |__| | | |__/ | \| _| |[EMAIL PROTECTED] - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent.|IST/AST - NJMS Medical Science Bldg - C630 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHMirImb+gadEcsb4RAm8sAKCigwww8tI4yJ/t0zeeXolrfcOLLwCfSOtt YXa2QVJTSMAnuGUzhtetbrc= =9KWD -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd and 8 character limit
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I can confirm that Solaris only allows 8 character usernames (just looked this up last week). As such, your usage of /etc/passwd (or whatever other PAM backend) is likely the problem. Eric Diven wrote: I'm pretty sure it's Solaris specific, I didn't have problems on my CentOS box I've been using as a reference machine. See this bug in bugzilla: https://bugzilla.samba.org/show_bug.cgi?id=4863 ~Eric -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gaiseric Vandal Sent: Friday, November 02, 2007 5:04 PM To: Samba Subject: [Samba] smbpasswd and 8 character limit The smbpasswd on my PDC (Solaris 9, Samba 3.026a) will truncate or corrupt passwords over 8 chars. The smbpasswd command on the linux clients (Samba 3.024a) is OK. Anyone know if this is a samba version issue or something solaris specific. Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba o/samba - -- _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Systems Programmer II |$| |__| | | |__/ | \| _| |[EMAIL PROTECTED] - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent.|IST/AST - NJMS Medical Science Bldg - C630 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHMirImb+gadEcsb4RAm8sAKCigwww8tI4yJ/t0zeeXolrfcOLLwCfSOtt YXa2QVJTSMAnuGUzhtetbrc= =9KWD -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] smbpasswd and 8 character limit
I'm pretty sure it's Solaris specific, I didn't have problems on my CentOS box I've been using as a reference machine. See this bug in bugzilla: https://bugzilla.samba.org/show_bug.cgi?id=4863 ~Eric -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gaiseric Vandal Sent: Friday, November 02, 2007 5:04 PM To: Samba Subject: [Samba] smbpasswd and 8 character limit The smbpasswd on my PDC (Solaris 9, Samba 3.026a) will truncate or corrupt passwords over 8 chars. The smbpasswd command on the linux clients (Samba 3.024a) is OK. Anyone know if this is a samba version issue or something solaris specific. Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba o/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] smbpasswd and 8 character limit
Sorry, brain-fart, you'll probably be interested in knowing what version does work. The latest version of Samba that I've tested as working with the password issue is 3.0.24. I'm having trouble getting ACL support to work with it, but I have got ADS and winbind working seamlessly. ~Eric -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gaiseric Vandal Sent: Friday, November 02, 2007 5:04 PM To: Samba Subject: [Samba] smbpasswd and 8 character limit The smbpasswd on my PDC (Solaris 9, Samba 3.026a) will truncate or corrupt passwords over 8 chars. The smbpasswd command on the linux clients (Samba 3.024a) is OK. Anyone know if this is a samba version issue or something solaris specific. Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba o/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] smbpasswd truncates password to 8 chars on Solaris sparc?
On Wed, 18 Jul 2007 20:35:30 -0600 Zube [EMAIL PROTECTED] wrote: Following up to my own query, it appears that bugs 4782 and 4677 in bugzilla.samba.org also mention this issue. Using the smbpasswd from 3.0.24 seems to work around the problem. Yep, I'm the reporter of bug 4677, hadn't seen 4782 but it does look like the same thing. A third similiar bug I have entered is 4674 where I eventually discovered I can't connect with smbclient when the users password is greater than 8 characters. 4674 is also on Sparc Solaris. I haven't tried any of it on x86 Solaris, my hunch would be the same problem exists there too. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd truncates password to 8 chars on Solaris sparc?
On Wed Jul 18 02:57:07 PM, Zube wrote: Good Day. In June, I posted a small query under the Subject of _odd smbpasswd / smbclient error from Linux to Solaris_ Briefly, a Solaris sparc server running 3.0.25a would not accept passwords from the Linux smbclient program if the password was 9 characters or greater. Instead, one would get this: session setup failed: NT_STATUS_LOGON_FAILURE but it worked fine with the Solaris sparc smbclient. Again, this with just with a passwd backend, very simple. Now running 3.0.25b and after digging deeper, it appears that things are worse than I first thought. smbpasswd is truncating passwords at 8 characters. For example, set a 9+ character password for a user with: smbpasswd dummy then try to mount the dummy share from windows using the dummy user and password or use smbclient from linux. In both cases, it fails. However, if one types only the first 8 characters of the password, it works fine. Any pointers are greatly appreciated. Following up to my own query, it appears that bugs 4782 and 4677 in bugzilla.samba.org also mention this issue. Using the smbpasswd from 3.0.24 seems to work around the problem. Cheers, Zube -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd problem on Solaris-10
I get this: $ smbpasswd -D 10 olb Netbios name list:- my_netbios_names[0]=FILES Attempting to register passdb backend ldapsam Successfully added passdb backend 'ldapsam' Attempting to register passdb backend ldapsam_compat Successfully added passdb backend 'ldapsam_compat' Attempting to register passdb backend NDS_ldapsam Successfully added passdb backend 'NDS_ldapsam' Attempting to register passdb backend NDS_ldapsam_compat Successfully added passdb backend 'NDS_ldapsam_compat' Attempting to register passdb backend smbpasswd Successfully added passdb backend 'smbpasswd' Attempting to register passdb backend tdbsam Successfully added passdb backend 'tdbsam' Attempting to find an passdb backend to match smbpasswd (smbpasswd) Found pdb backend smbpasswd pdb backend smbpasswd has a valid init New SMB password: Retype new SMB password: getsampwnam (smbpasswd): search by name: olb startsmbfilepwent_internal: opening file /data/samba/private/smbpasswd getsmbfilepwent: returning passwd entry for user olb, uid 1 endsmbfilepwent_internal: closed password file. getsampwnam (smbpasswd): found by name: olb Finding user olb Trying _Get_Pwnam(), username as lowercase is olb Get_Pwnam_internals did find user [olb]! pdb_set_username: setting username olb, was pdb_set_full_name: setting full name , was pdb_set_domain: setting domain FILES, was Home server: files pdb_set_profile_path: setting profile path \\files\olb\profile, was Home server: files pdb_set_homedir: setting home dir \\files\olb, was pdb_set_dir_drive: setting dir drive , was NULL pdb_set_logon_script: setting logon script , was pdb_set_user_sid: setting user sid S-1-5-21-4108215807-3801520835-147286624-21000 pdb_set_user_sid_from_rid: setting user sid S-1-5-21-4108215807-3801520835-147286624-21000 from rid 21000 grant_privilege: S-1-1-0 original privilege mask: SE_PRIV 0x0 0x0 0x0 0x0 new privilege mask: SE_PRIV 0x0 0x0 0x0 0x0 grant_privilege: S-1-5-32-548 original privilege mask: SE_PRIV 0x0 0x0 0x0 0x0 new privilege mask: SE_PRIV 0x0 0x0 0x0 0x0 grant_privilege: S-1-5-32-549 original privilege mask: SE_PRIV 0x0 0x0 0x0 0x0 new privilege mask: SE_PRIV 0x0 0x0 0x0 0x0 grant_privilege: S-1-5-32-550 original privilege mask: SE_PRIV 0x0 0x0 0x0 0x0 new privilege mask: SE_PRIV 0x0 0x0 0x0 0x0 grant_privilege: S-1-5-32-551 original privilege mask: SE_PRIV 0x0 0x0 0x0 0x0 new privilege mask: SE_PRIV 0x0 0x0 0x0 0x0 grant_privilege: S-1-5-32-544 original privilege mask: SE_PRIV 0xff0 0x0 0x0 0x0 new privilege mask: SE_PRIV 0xff0 0x0 0x0 0x0 account_policy_get: name: maximum password age, val: -1 account_policy_get: name: password history, val: 0 pdb_set_username: setting username olb, was pdb_set_domain: setting domain FILES, was pdb_set_nt_username: setting nt username , was pdb_set_full_name: setting full name , was Home server: files pdb_set_homedir: setting home dir \\files\olb, was pdb_set_dir_drive: setting dir drive , was NULL pdb_set_logon_script: setting logon script , was Home server: files pdb_set_profile_path: setting profile path \\files\olb\profile, was pdb_set_workstations: setting workstations , was account_policy_get: name: password history, val: 0 pdb_set_user_sid: setting user sid S-1-5-21-4108215807-3801520835-147286624-21000 pdb_set_user_sid_from_rid: setting user sid S-1-5-21-4108215807-3801520835-147286624-21000 from rid 21000 account_policy_get: name: password history, val: 0 mod_smbfilepwd_entry: opening file /data/samba/private/smbpasswd mod_smbfilepwd_entry: entry exists for user olb I have now tried to compile samba-3.0.21b with the exactly same configuration as samba-3.0.25b version (same compiler etc.) and this version works with more than 8 chars passwords. Regards Ole Benner Netic A/S Roberto Lizana wrote: What can you see in console if you type this 'smbpasswd -D 10 anyUser' ??? Ole Benner escribió: I have compiled both samba-3.0.25a and samba-3.0.25b and with both I have problems setting user password longer than 8 chars with smbpasswd. I get no errors, but if I try to set a password with more than 8 chars the password will only be generated using the first 8 chars. This is on Solaris-10 update 3 on amd64 and I have compiled samba using Sun Studio 11 compiler suite and no other options to configure than --prefix=/some/path. Solaris-10 comes with samba 3.0.21b preinstalled and if I use smbpasswd from that installation there is no problems and the smaba-3.0.25(a/b) version works alright with 8 chars passwd once it is set. This looks like some 32/64 bit bug or similar. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd problem on Solaris-10
What can you see in console if you type this 'smbpasswd -D 10 anyUser' ??? Ole Benner escribió: I have compiled both samba-3.0.25a and samba-3.0.25b and with both I have problems setting user password longer than 8 chars with smbpasswd. I get no errors, but if I try to set a password with more than 8 chars the password will only be generated using the first 8 chars. This is on Solaris-10 update 3 on amd64 and I have compiled samba using Sun Studio 11 compiler suite and no other options to configure than --prefix=/some/path. Solaris-10 comes with samba 3.0.21b preinstalled and if I use smbpasswd from that installation there is no problems and the smaba-3.0.25(a/b) version works alright with 8 chars passwd once it is set. This looks like some 32/64 bit bug or similar. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd doesn't prompt root for password
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Alexander Skwar wrote: Hello. When I run smbpasswd from samba 3.0.23a on a MIPSEL system running Linux 2.4.20 as root, I'm NEVER asked for a password. Even when I create a new user in smbpasswd, I'm not asked: Please file a bug an attach the gzipped config.log from your build. Thanks. jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.4 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFE1yrRIR7qMdg1EfYRAn9mAKDhMhH2QHypbfpKfEdfAMiVi8P9OwCgnv0U J5A75qR7QKD0M8c8zAWg2hk= =7dDK -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd batch mode
On Fri, Jun 09, 2006 at 05:09:13PM -0500, Craig Jackson wrote: Hi, I need to create a large number of users in the smbpasswd file.Is there a way to do this without having to type passwords? I need a batch mode. Using Samba 3. # cat importusers.sh #!/bin/bash datafile=userdata line_count=`cat $datafile | wc -l` filesystem=/dev/sda1 for data in `seq $line_count` do read data username=`echo $data | awk -F '{print $1}'` password=`echo $data | awk -F '{print $2}'` /usr/sbin/adduser -m -s /bin/false -p $password $username (echo $password; echo $password) | /usr/bin/smbpasswd -s -a $username /usr/sbin/setquota -u $username 0 1048576 0 0 -a $filesystem /bin/chmod 700 /home/$username done $datafile # cat userdata user1 password1 user2 password2 etc etc Take out or add as necessary :) -- Matthew Daubenspeck http://www.oddprocess.org Gentoo Linux 2.6.15-gentoo-r5 x86_64 Dual Core AMD Opteron(tm) Processor 165 19:13:22 up 29 days, 3:57, 1 user, load average: 0.07, 0.08, 0.08 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd and /etc/samba/smbusers
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Felipe Alfaro Solana wrote: Hi, I've been Googling around trying to found why I can't make SAMBA (concretely smbpasswd and pdbedit) make good use of the information held in the file /etc/samba/smbusers. I have done a clean install of Red Hat Enterprise Linux ES 4.1 Update 3 (both x86_64 and IA32) and Fedora Core 5. In all cases, running the following command fails: # smbpasswd -a Administrator New SMB password: Retype new SMB password: Failed to initialise SAM_ACCOUNT for user Administrator. Does this user exist in the UNIX password database ? Failed to modify password entry for user Administrator Even though /etc/samba/smbusers look like this: root = Administrator admin You add root and not administrator. This is by design. When in security = user, think of the username map as simply an alias file used for authentication requests. smbpasswd and pdbedit work below that layer. cheers, jerry = Samba--- http://www.samba.org Centeris --- http://www.centeris.com What man is a man who does not make the world better? --Balian -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iD8DBQFEajOgIR7qMdg1EfYRAhm/AJ44cwoQlFfpjQEfCv11OKFkDE2TjQCg08U9 BVhWLnVshEaIzsPImaG6du0= =plQc -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd and /etc/samba/smbusers
You add root and not administrator. This is by design. When in security = user, think of the username map as simply an alias file used for authentication requests. smbpasswd and pdbedit work below that layer. You were completely right. I was screwed. Adding root via smbpasswd allows me to authenticate using smbclient as Administrator. Thanks a lot, Jerry. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Smbpasswd in a cron job
Try echo -e ${PASSWD}\n${PASSWD} | smbpasswd -a -s ${USER} br, Sebastian pgpY2IZTjjNNb.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Smbpasswd in a cron job
Hi Sebastian echo -e ${PASSWD}\n${PASSWD} | smbpasswd -a -s ${USER} Thanks a lot, it worked nicely Dennis -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Smbpasswd in a cron job
Dennis Duggen wrote: Hi list For a project we are trying to change the samba password automatically in a cron job. Since smbpasswd doesn't allow the password to be entered otherwise than though the console (user input). We found a solution to the input part though expect. But as thing go expect doesn't work in a cron job since it has no tty. Is there anyone who can point us the right way to a solution. Hi, I also had a similar problem with providing a password to cupsaddsmb. You might try running your expect script through screen (although I solved the cupsaddsmb problem differently). -- Tomasz Chmielewski Software deployment with Samba http://wpkg.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Smbpasswd in a cron job
Hi Tomasz You might try running your expect script through screen (although I solved the cupsaddsmb problem differently). Thanks for your suggestion. I've tried it, but receive the message: Must be connected to a terminal.. Any more suggestions would be great. Is there maybe an easy way like with the system user: usermod -p `crypt pass` user Thanks, Dennis -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Smbpasswd -m -x not working, object class violation error
On Thu, 2006-02-16 at 11:43 -0300, Andrés Yacopino wrote: This time i add values to cn , the object class inetOrgPerson and a value for sn. After that i try to delete the machine account and it works. Apparently it needs this object class as you said. How can i do to add this class automatically when a add a machine account using smbpasswd? Are you using smbldap-tools? In my case, I need to put some aditional information to new machine accounts like you. I modified the sub add_posix_machine in smbldap_tools.pm perl script to add the information I need. But I think class inetOrgPerson is added by this scripts... I use smbldap-tool 0.9.1 version. Hope this helps. /Fermin 2006/2/16, Daniel Wilson [EMAIL PROTECTED]: I also found that displayName belongs to inetorgperson object class. I try to add this object class to the user but i obtain and object class violation. Usually objectclasses have a set of required attributes that must have values before you can commit adding the object class. Did you just try and add the object class without adding values to the new attributes? I see that a user account(not a machine account) has a lot of object class, the machine account account has only the three classes sambaSamAccount,account,top. ok so mayby its trying to delete the attribute displayName from the inetorgperson which a machines doesnt have then...? Thanks. 2006/2/16, Andrés Yacopino [EMAIL PROTECTED] mailto:[EMAIL PROTECTED]: I see the attribute displayName(as allowed attribute) in these user object classes: -pabperson -sambasamaccount -smabagroupmapping The user account has only this classes: sambaSamAccount account top Is this wrong?, the attribute could be in some classes at the same time? Thanks, Andres. 2006/2/15, Daniel Wilson [EMAIL PROTECTED] mailto:[EMAIL PROTECTED]: What object class is the displayName in and does the user account have that object class ? Im sure you need to have the object class before you can add/remove the attribute assigned to the object classs. Attributes belong to and are grouped in objectclasses. Regards Daniel Wilson Systems Manager Student and Learning Support University of Sunderland Tel: 0191 515 2695 Andrés Yacopino wrote: Thanks for replying Daniel, i execute :grep -il displayName *.ldif and i obtain: 00core.ldif 50ns-admin.ldif 50ns-iabs.ldif 99samba-schema-netscapeds5.x.ldif 99user.ldif And also see the configuration in the console and i see: Standard Attribute(Read Only): Name: displayName OID: 2.16.840.1.113730.3.1.241 Syntax: DirectoryString Multivalued: not checked Do you know what is wrong with this? Thanks a lot, Andrés. 2006/2/14, Daniel Wilson [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] mailto: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED]: Im sure this means that its trying to delete the displayName attribute which is more than likely not in your LDAP schema. Look in install_dir/slapd-hostname/config/schema/ directory for your schema To see if displayName is part of any object classes in your LDAP schema search the schema files: bash# grep -il displayName install_dir/slapd-hostname/config/schema/*.ldif If its not part of your schema you may want to add this attribute to your 99user.ldif schema file or add the attribute via the Sun LDAP console (recommended): bash # install_dir/startconsole Server Group Directory Server (Open) Configuration Schema Attributes Create -or- you may want to just disable schema checking in your LDAP server : bash # install_dir/startconsole Server Group Directory Server (Open) Configuration Schema (Disable) Regards Daniel Wilson Systems Manager Student and Learning Support University of Sunderland Tel: 0191 515 2695
Re: [Samba] Smbpasswd -m -x not working, object class violation error
I see the attribute displayName(as allowed attribute) in these user object classes: -pabperson -sambasamaccount -smabagroupmapping The user account has only this classes: sambaSamAccount account top Is this wrong?, the attribute could be in some classes at the same time? Thanks, Andres. 2006/2/15, Daniel Wilson [EMAIL PROTECTED]: What object class is the displayName in and does the user account have that object class ? Im sure you need to have the object class before you can add/remove the attribute assigned to the object classs. Attributes belong to and are grouped in objectclasses. Regards Daniel Wilson Systems Manager Student and Learning Support University of Sunderland Tel: 0191 515 2695 Andrés Yacopino wrote: Thanks for replying Daniel, i execute :grep -il displayName *.ldif and i obtain: 00core.ldif 50ns-admin.ldif 50ns-iabs.ldif 99samba-schema-netscapeds5.x.ldif 99user.ldif And also see the configuration in the console and i see: Standard Attribute(Read Only): Name: displayName OID: 2.16.840.1.113730.3.1.241 Syntax: DirectoryString Multivalued: not checked Do you know what is wrong with this? Thanks a lot, Andrés. 2006/2/14, Daniel Wilson [EMAIL PROTECTED] mailto:[EMAIL PROTECTED]: Im sure this means that its trying to delete the displayName attribute which is more than likely not in your LDAP schema. Look in install_dir/slapd-hostname/config/schema/ directory for your schema To see if displayName is part of any object classes in your LDAP schema search the schema files: bash# grep -il displayName install_dir/slapd-hostname/config/schema/*.ldif If its not part of your schema you may want to add this attribute to your 99user.ldif schema file or add the attribute via the Sun LDAP console (recommended): bash # install_dir/startconsole Server Group Directory Server (Open) Configuration Schema Attributes Create -or- you may want to just disable schema checking in your LDAP server : bash # install_dir/startconsole Server Group Directory Server (Open) Configuration Schema (Disable) Regards Daniel Wilson Systems Manager Student and Learning Support University of Sunderland Tel: 0191 515 2695 Andrés Yacopino wrote: Daniel, check the log as you said and i hit this: [14/Feb/2006:14:19:10 +0300] - ERROR5897 - Schema - conn=-1 op=-1 msgId=-1 - User error: Entry uid=aprueba$,ou=computers,o= acasalud.com.ar http://acasalud.com.ar http://acasalud.com.ar,dc=acasalud,dc=c om,dc=ar, attribute displayName is not allowed What does it means? Thanks, Andrés. 2006/2/14, Daniel Wilson [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED]: Have you checkes the Sun LDAP errors.log file for the specific object class violation? Usually at install_dir/slapd-hostname/logs/errors.log Daniel Wilson Systems Manager Student and Learning Support University of Sunderland Tel: 0191 515 2695 Andrés Yacopino wrote: I have deployed a samba server with Sun Java Ldap Directory. I sucessfully create users and deleted them when ldap delete dn=yes in smb.conf, but when ldap delete dn=no i obtain this error when i issue a smbpasswd -m -x command: ldapsam_delete_entry: Could not delete attributes for uid=aprueba$,ou=computers, o= acasalud.com.ar http://acasalud.com.ar http://acasalud.com.ar,dc=acasalud,dc=com,dc=ar, error: Object class violation () Failed to delete entry for user aprueba$. Failed to modify password entry for user aprueba$ My smb.conf is: [global] workgroup = ACASALUDROS server string = Sun Samba Server security = user dos filetimes = yes time offset = -360 load printers = yes printcap name = /etc/printcap printing = cups guest account = guest log file = /usr/local/samba/var/log.%m log level = 5 max log size = 50 null passwords = yes encrypt passwords = yes ldap password sync = yes unix password sync = yes username level = 2 password level = 0 passwd program = /usr/bin/passwd %u passwd chat = *New* password* %n\n *new* password* %n\n
Re: [Samba] Smbpasswd -m -x not working, object class violation error
This time i add values to cn , the object class inetOrgPerson and a value for sn. After that i try to delete the machine account and it works. Apparently it needs this object class as you said. How can i do to add this class automatically when a add a machine account using smbpasswd? Thanks. Andres. 2006/2/16, Daniel Wilson [EMAIL PROTECTED]: I also found that displayName belongs to inetorgperson object class. I try to add this object class to the user but i obtain and object class violation. Usually objectclasses have a set of required attributes that must have values before you can commit adding the object class. Did you just try and add the object class without adding values to the new attributes? I see that a user account(not a machine account) has a lot of object class, the machine account account has only the three classes sambaSamAccount,account,top. ok so mayby its trying to delete the attribute displayName from the inetorgperson which a machines doesnt have then...? Thanks. 2006/2/16, Andrés Yacopino [EMAIL PROTECTED] mailto:[EMAIL PROTECTED]: I see the attribute displayName(as allowed attribute) in these user object classes: -pabperson -sambasamaccount -smabagroupmapping The user account has only this classes: sambaSamAccount account top Is this wrong?, the attribute could be in some classes at the same time? Thanks, Andres. 2006/2/15, Daniel Wilson [EMAIL PROTECTED] mailto:[EMAIL PROTECTED]: What object class is the displayName in and does the user account have that object class ? Im sure you need to have the object class before you can add/remove the attribute assigned to the object classs. Attributes belong to and are grouped in objectclasses. Regards Daniel Wilson Systems Manager Student and Learning Support University of Sunderland Tel: 0191 515 2695 Andrés Yacopino wrote: Thanks for replying Daniel, i execute :grep -il displayName *.ldif and i obtain: 00core.ldif 50ns-admin.ldif 50ns-iabs.ldif 99samba-schema-netscapeds5.x.ldif 99user.ldif And also see the configuration in the console and i see: Standard Attribute(Read Only): Name: displayName OID: 2.16.840.1.113730.3.1.241 Syntax: DirectoryString Multivalued: not checked Do you know what is wrong with this? Thanks a lot, Andrés. 2006/2/14, Daniel Wilson [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] mailto: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED]: Im sure this means that its trying to delete the displayName attribute which is more than likely not in your LDAP schema. Look in install_dir/slapd-hostname/config/schema/ directory for your schema To see if displayName is part of any object classes in your LDAP schema search the schema files: bash# grep -il displayName install_dir/slapd-hostname/config/schema/*.ldif If its not part of your schema you may want to add this attribute to your 99user.ldif schema file or add the attribute via the Sun LDAP console (recommended): bash # install_dir/startconsole Server Group Directory Server (Open) Configuration Schema Attributes Create -or- you may want to just disable schema checking in your LDAP server : bash # install_dir/startconsole Server Group Directory Server (Open) Configuration Schema (Disable) Regards Daniel Wilson Systems Manager Student and Learning Support University of Sunderland Tel: 0191 515 2695 Andrés Yacopino wrote: Daniel, check the log as you said and i hit this: [14/Feb/2006:14:19:10 +0300] - ERROR5897 - Schema - conn=-1 op=-1 msgId=-1 - User error: Entry uid=aprueba$,ou=computers,o= acasalud.com.ar http://acasalud.com.ar http://acasalud.com.ar http://acasalud.com.ar,dc=acasalud,dc=c om,dc=ar, attribute displayName is
Re: [Samba] Smbpasswd -m -x not working, object class violation error
What object class is the displayName in and does the user account have that object class ? Im sure you need to have the object class before you can add/remove the attribute assigned to the object classs. Attributes belong to and are grouped in objectclasses. Regards Daniel Wilson Systems Manager Student and Learning Support University of Sunderland Tel: 0191 515 2695 Andrés Yacopino wrote: Thanks for replying Daniel, i execute :grep -il displayName *.ldif and i obtain: 00core.ldif 50ns-admin.ldif 50ns-iabs.ldif 99samba-schema-netscapeds5.x.ldif 99user.ldif And also see the configuration in the console and i see: Standard Attribute(Read Only): Name: displayName OID: 2.16.840.1.113730.3.1.241 Syntax: DirectoryString Multivalued: not checked Do you know what is wrong with this? Thanks a lot, Andrés. 2006/2/14, Daniel Wilson [EMAIL PROTECTED] mailto:[EMAIL PROTECTED]: Im sure this means that its trying to delete the displayName attribute which is more than likely not in your LDAP schema. Look in install_dir/slapd-hostname/config/schema/ directory for your schema To see if displayName is part of any object classes in your LDAP schema search the schema files: bash# grep -il displayName install_dir/slapd-hostname/config/schema/*.ldif If its not part of your schema you may want to add this attribute to your 99user.ldif schema file or add the attribute via the Sun LDAP console (recommended): bash # install_dir/startconsole Server Group Directory Server (Open) Configuration Schema Attributes Create -or- you may want to just disable schema checking in your LDAP server : bash # install_dir/startconsole Server Group Directory Server (Open) Configuration Schema (Disable) Regards Daniel Wilson Systems Manager Student and Learning Support University of Sunderland Tel: 0191 515 2695 Andrés Yacopino wrote: Daniel, check the log as you said and i hit this: [14/Feb/2006:14:19:10 +0300] - ERROR5897 - Schema - conn=-1 op=-1 msgId=-1 - User error: Entry uid=aprueba$,ou=computers,o= acasalud.com.ar http://acasalud.com.ar http://acasalud.com.ar,dc=acasalud,dc=c om,dc=ar, attribute displayName is not allowed What does it means? Thanks, Andrés. 2006/2/14, Daniel Wilson [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED]: Have you checkes the Sun LDAP errors.log file for the specific object class violation? Usually at install_dir/slapd-hostname/logs/errors.log Daniel Wilson Systems Manager Student and Learning Support University of Sunderland Tel: 0191 515 2695 Andrés Yacopino wrote: I have deployed a samba server with Sun Java Ldap Directory. I sucessfully create users and deleted them when ldap delete dn=yes in smb.conf, but when ldap delete dn=no i obtain this error when i issue a smbpasswd -m -x command: ldapsam_delete_entry: Could not delete attributes for uid=aprueba$,ou=computers, o= acasalud.com.ar http://acasalud.com.ar http://acasalud.com.ar,dc=acasalud,dc=com,dc=ar, error: Object class violation () Failed to delete entry for user aprueba$. Failed to modify password entry for user aprueba$ My smb.conf is: [global] workgroup = ACASALUDROS server string = Sun Samba Server security = user dos filetimes = yes time offset = -360 load printers = yes printcap name = /etc/printcap printing = cups guest account = guest log file = /usr/local/samba/var/log.%m log level = 5 max log size = 50 null passwords = yes encrypt passwords = yes ldap password sync = yes unix password sync = yes username level = 2 password level = 0 passwd program = /usr/bin/passwd %u passwd chat = *New* password* %n\n *new* password* %n\n *successfully* idmap backend = ldapsam:ldap://localhost:389 passdb backend = ldapsam:ldap://localhost:389 ldap admin dn = cn=Directory Manager ldap suffix = o= acasalud.com.ar http://acasalud.com.ar http://acasalud.com.ar,dc=acasalud,dc=com,dc=ar ldap user suffix = ou=people ldap group suffix = ou=groups ldap machine suffix = ou=computers ldap idmap suffix = ou=idmap ldap delete dn = no socket options = TCP_NODELAY=0
Re: [Samba] Smbpasswd -m -x not working, object class violation error
Have you checkes the Sun LDAP errors.log file for the specific object class violation? Usually at install_dir/slapd-hostname/logs/errors.log Daniel Wilson Systems Manager Student and Learning Support University of Sunderland Tel: 0191 515 2695 Andrés Yacopino wrote: I have deployed a samba server with Sun Java Ldap Directory. I sucessfully create users and deleted them when ldap delete dn=yes in smb.conf, but when ldap delete dn=no i obtain this error when i issue a smbpasswd -m -x command: ldapsam_delete_entry: Could not delete attributes for uid=aprueba$,ou=computers, o=acasalud.com.ar,dc=acasalud,dc=com,dc=ar, error: Object class violation () Failed to delete entry for user aprueba$. Failed to modify password entry for user aprueba$ My smb.conf is: [global] workgroup = ACASALUDROS server string = Sun Samba Server security = user dos filetimes = yes time offset = -360 load printers = yes printcap name = /etc/printcap printing = cups guest account = guest log file = /usr/local/samba/var/log.%m log level = 5 max log size = 50 null passwords = yes encrypt passwords = yes ldap password sync = yes unix password sync = yes username level = 2 password level = 0 passwd program = /usr/bin/passwd %u passwd chat = *New* password* %n\n *new* password* %n\n *successfully* idmap backend = ldapsam:ldap://localhost:389 passdb backend = ldapsam:ldap://localhost:389 ldap admin dn = cn=Directory Manager ldap suffix = o=acasalud.com.ar,dc=acasalud,dc=com,dc=ar ldap user suffix = ou=people ldap group suffix = ou=groups ldap machine suffix = ou=computers ldap idmap suffix = ou=idmap ldap delete dn = no socket options = TCP_NODELAY=0 wins server = 10.11.0.2 dns proxy = no what is wrong? Is that works only when preferred master = yes domain master = yes local master = yes domain logons = yes are yes? Any other ideas? Thanks a lot. -- Andrés Yacopino -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Smbpasswd -m -x not working, object class violation error
Daniel, check the log as you said and i hit this: [14/Feb/2006:14:19:10 +0300] - ERROR5897 - Schema - conn=-1 op=-1 msgId=-1 - User error: Entry uid=aprueba$,ou=computers,o=acasalud.com.ar ,dc=acasalud,dc=c om,dc=ar, attribute displayName is not allowed What does it means? Thanks, Andrés. 2006/2/14, Daniel Wilson [EMAIL PROTECTED]: Have you checkes the Sun LDAP errors.log file for the specific object class violation? Usually at install_dir/slapd-hostname/logs/errors.log Daniel Wilson Systems Manager Student and Learning Support University of Sunderland Tel: 0191 515 2695 Andrés Yacopino wrote: I have deployed a samba server with Sun Java Ldap Directory. I sucessfully create users and deleted them when ldap delete dn=yes in smb.conf, but when ldap delete dn=no i obtain this error when i issue a smbpasswd -m -x command: ldapsam_delete_entry: Could not delete attributes for uid=aprueba$,ou=computers, o=acasalud.com.ar,dc=acasalud,dc=com,dc=ar, error: Object class violation () Failed to delete entry for user aprueba$. Failed to modify password entry for user aprueba$ My smb.conf is: [global] workgroup = ACASALUDROS server string = Sun Samba Server security = user dos filetimes = yes time offset = -360 load printers = yes printcap name = /etc/printcap printing = cups guest account = guest log file = /usr/local/samba/var/log.%m log level = 5 max log size = 50 null passwords = yes encrypt passwords = yes ldap password sync = yes unix password sync = yes username level = 2 password level = 0 passwd program = /usr/bin/passwd %u passwd chat = *New* password* %n\n *new* password* %n\n *successfully* idmap backend = ldapsam:ldap://localhost:389 passdb backend = ldapsam:ldap://localhost:389 ldap admin dn = cn=Directory Manager ldap suffix = o=acasalud.com.ar,dc=acasalud,dc=com,dc=ar ldap user suffix = ou=people ldap group suffix = ou=groups ldap machine suffix = ou=computers ldap idmap suffix = ou=idmap ldap delete dn = no socket options = TCP_NODELAY=0 wins server = 10.11.0.2 dns proxy = no what is wrong? Is that works only when preferred master = yes domain master = yes local master = yes domain logons = yes are yes? Any other ideas? Thanks a lot. -- Andrés Yacopino -- Andrés Yacopino -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Smbpasswd -m -x not working, object class violation error
Im sure this means that its trying to delete the displayName attribute which is more than likely not in your LDAP schema. Look in install_dir/slapd-hostname/config/schema/ directory for your schema To see if displayName is part of any object classes in your LDAP schema search the schema files: bash# grep -il displayName install_dir/slapd-hostname/config/schema/*.ldif If its not part of your schema you may want to add this attribute to your 99user.ldif schema file or add the attribute via the Sun LDAP console (recommended): bash # install_dir/startconsole Server Group Directory Server (Open) Configuration Schema Attributes Create -or- you may want to just disable schema checking in your LDAP server : bash # install_dir/startconsole Server Group Directory Server (Open) Configuration Schema (Disable) Regards Daniel Wilson Systems Manager Student and Learning Support University of Sunderland Tel: 0191 515 2695 Andrés Yacopino wrote: Daniel, check the log as you said and i hit this: [14/Feb/2006:14:19:10 +0300] - ERROR5897 - Schema - conn=-1 op=-1 msgId=-1 - User error: Entry uid=aprueba$,ou=computers,o= acasalud.com.ar http://acasalud.com.ar,dc=acasalud,dc=c om,dc=ar, attribute displayName is not allowed What does it means? Thanks, Andrés. 2006/2/14, Daniel Wilson [EMAIL PROTECTED] mailto:[EMAIL PROTECTED]: Have you checkes the Sun LDAP errors.log file for the specific object class violation? Usually at install_dir/slapd-hostname/logs/errors.log Daniel Wilson Systems Manager Student and Learning Support University of Sunderland Tel: 0191 515 2695 Andrés Yacopino wrote: I have deployed a samba server with Sun Java Ldap Directory. I sucessfully create users and deleted them when ldap delete dn=yes in smb.conf, but when ldap delete dn=no i obtain this error when i issue a smbpasswd -m -x command: ldapsam_delete_entry: Could not delete attributes for uid=aprueba$,ou=computers, o= acasalud.com.ar http://acasalud.com.ar,dc=acasalud,dc=com,dc=ar, error: Object class violation () Failed to delete entry for user aprueba$. Failed to modify password entry for user aprueba$ My smb.conf is: [global] workgroup = ACASALUDROS server string = Sun Samba Server security = user dos filetimes = yes time offset = -360 load printers = yes printcap name = /etc/printcap printing = cups guest account = guest log file = /usr/local/samba/var/log.%m log level = 5 max log size = 50 null passwords = yes encrypt passwords = yes ldap password sync = yes unix password sync = yes username level = 2 password level = 0 passwd program = /usr/bin/passwd %u passwd chat = *New* password* %n\n *new* password* %n\n *successfully* idmap backend = ldapsam:ldap://localhost:389 passdb backend = ldapsam:ldap://localhost:389 ldap admin dn = cn=Directory Manager ldap suffix = o=acasalud.com.ar http://acasalud.com.ar,dc=acasalud,dc=com,dc=ar ldap user suffix = ou=people ldap group suffix = ou=groups ldap machine suffix = ou=computers ldap idmap suffix = ou=idmap ldap delete dn = no socket options = TCP_NODELAY=0 wins server = 10.11.0.2 http://10.11.0.2 dns proxy = no what is wrong? Is that works only when preferred master = yes domain master = yes local master = yes domain logons = yes are yes? Any other ideas? Thanks a lot. -- Andrés Yacopino -- Andrés Yacopino -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Smbpasswd -m -x not working, object class violation error
Thanks for replying Daniel, i execute :grep -il displayName *.ldif and i obtain: 00core.ldif 50ns-admin.ldif 50ns-iabs.ldif 99samba-schema-netscapeds5.x.ldif 99user.ldif And also see the configuration in the console and i see: Standard Attribute(Read Only): Name: displayName OID: 2.16.840.1.113730.3.1.241 Syntax: DirectoryString Multivalued: not checked Do you know what is wrong with this? Thanks a lot, Andrés. 2006/2/14, Daniel Wilson [EMAIL PROTECTED]: Im sure this means that its trying to delete the displayName attribute which is more than likely not in your LDAP schema. Look in install_dir/slapd-hostname/config/schema/ directory for your schema To see if displayName is part of any object classes in your LDAP schema search the schema files: bash# grep -il displayName install_dir/slapd-hostname/config/schema/*.ldif If its not part of your schema you may want to add this attribute to your 99user.ldif schema file or add the attribute via the Sun LDAP console (recommended): bash # install_dir/startconsole Server Group Directory Server (Open) Configuration Schema Attributes Create -or- you may want to just disable schema checking in your LDAP server : bash # install_dir/startconsole Server Group Directory Server (Open) Configuration Schema (Disable) Regards Daniel Wilson Systems Manager Student and Learning Support University of Sunderland Tel: 0191 515 2695 Andrés Yacopino wrote: Daniel, check the log as you said and i hit this: [14/Feb/2006:14:19:10 +0300] - ERROR5897 - Schema - conn=-1 op=-1 msgId=-1 - User error: Entry uid=aprueba$,ou=computers,o= acasalud.com.ar http://acasalud.com.ar,dc=acasalud,dc=c om,dc=ar, attribute displayName is not allowed What does it means? Thanks, Andrés. 2006/2/14, Daniel Wilson [EMAIL PROTECTED] mailto:[EMAIL PROTECTED]: Have you checkes the Sun LDAP errors.log file for the specific object class violation? Usually at install_dir/slapd-hostname/logs/errors.log Daniel Wilson Systems Manager Student and Learning Support University of Sunderland Tel: 0191 515 2695 Andrés Yacopino wrote: I have deployed a samba server with Sun Java Ldap Directory. I sucessfully create users and deleted them when ldap delete dn=yes in smb.conf, but when ldap delete dn=no i obtain this error when i issue a smbpasswd -m -x command: ldapsam_delete_entry: Could not delete attributes for uid=aprueba$,ou=computers, o= acasalud.com.ar http://acasalud.com.ar,dc=acasalud,dc=com,dc=ar, error: Object class violation () Failed to delete entry for user aprueba$. Failed to modify password entry for user aprueba$ My smb.conf is: [global] workgroup = ACASALUDROS server string = Sun Samba Server security = user dos filetimes = yes time offset = -360 load printers = yes printcap name = /etc/printcap printing = cups guest account = guest log file = /usr/local/samba/var/log.%m log level = 5 max log size = 50 null passwords = yes encrypt passwords = yes ldap password sync = yes unix password sync = yes username level = 2 password level = 0 passwd program = /usr/bin/passwd %u passwd chat = *New* password* %n\n *new* password* %n\n *successfully* idmap backend = ldapsam:ldap://localhost:389 passdb backend = ldapsam:ldap://localhost:389 ldap admin dn = cn=Directory Manager ldap suffix = o=acasalud.com.ar http://acasalud.com.ar,dc=acasalud,dc=com,dc=ar ldap user suffix = ou=people ldap group suffix = ou=groups ldap machine suffix = ou=computers ldap idmap suffix = ou=idmap ldap delete dn = no socket options = TCP_NODELAY=0 wins server = 10.11.0.2 http://10.11.0.2 dns proxy = no what is wrong? Is that works only when preferred master = yes domain master = yes local master = yes domain logons = yes are yes? Any other ideas? Thanks a lot. -- Andrés Yacopino -- Andrés Yacopino -- Andrés Yacopino -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd script fails
You are sending all the output to a single bash shell so only one command gets executed. You need to figure out a way to execute the awk | bash for each line of users.csv Something like the following should work #! /bin/bash cat users.csv | while read ; do echo $REPLY | awk 'BEGIN {FS=,}{print smbpasswd -a -s $1\n$3\n$3\n}' | /bin/bash done Jack Mendez wrote: i am using a script with awk which only works to add the first user from my csv file. when running with out the -s switch the output seems to be correct using echo to test. here is the script #!/bin/bash cat users.csv |awk 'BEGIN {FS=,}{print echo smbpasswd -a -s $1\n$3\n$3\n}' |/bin/bash this script successfuly adds the first user. when using the -s switch. when i tried this same script with out the -s switch the output is like this. smbpasswd -a username then bash complains and smbpasswd wants a password it does this for each user twice. dunno any ideas? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd script fails
my useradd script works exactly the same way, why does that one work and not this one? kinda new to awk so just want to learn, i will give this a shot though. On Thu, December 1, 2005 9:02 pm, Herb Lewis said: You are sending all the output to a single bash shell so only one command gets executed. You need to figure out a way to execute the awk | bash for each line of users.csv Something like the following should work #! /bin/bash cat users.csv | while read ; do echo $REPLY | awk 'BEGIN {FS=,}{print smbpasswd -a -s $1\n$3\n$3\n}' | /bin/bash done Jack Mendez wrote: i am using a script with awk which only works to add the first user from my csv file. when running with out the -s switch the output seems to be correct using echo to test. here is the script #!/bin/bash cat users.csv |awk 'BEGIN {FS=,}{print echo smbpasswd -a -s $1\n$3\n$3\n}' |/bin/bash this script successfuly adds the first user. when using the -s switch. when i tried this same script with out the -s switch the output is like this. smbpasswd -a username then bash complains and smbpasswd wants a password it does this for each user twice. dunno any ideas? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] smbpasswd -d nobody, listing still possible?
Julius, Set 'security = user'. Kind regards, Jeroen van Meeuwen -- kanarip -Original Message- Subject: [Samba] smbpasswd -d nobody, listing still possible? hi, i wondered why i can still list my shares with smbclient -NL localip, security = SHARE i just disable the user nobody? my conf: [global] workgroup = MIDEARTH netbios name = GANDALF security = SHARE message command = sh -c '/usr/kde/3.4/bin/winpopup-send.sh %s %m' bind interfaces only = yes interfaces = eth0 lo passdb backend = tdbsam guest account = nobody #logging log file = /tmp/samba.log log level = 3 [data] comment = Data path = /home/metalfan/Windows guest only = Yes writeable = Yes and the smbclient -NL localip output: Domain=[MIDEARTH] OS=[Unix] Server=[Samba 3.0.20b] Sharename Type Comment - --- dataDisk Data data2 Disk IPC$IPC IPC Service (Samba 3.0.20b) ADMIN$ IPC IPC Service (Samba 3.0.20b) Domain=[MIDEARTH] OS=[Unix] Server=[Samba 3.0.20b] Server Comment ---- GANDALF Samba 3.0.20b WorkgroupMaster ---- MIDEARTH shouldnt i just get some error like..no user.. ? greets Julius -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd and LDAP backend
On 09/09/05, Mark Proehl [EMAIL PROTECTED] wrote: Hello, you have to set unix password sync = No ldap passwd sync = Yes What about just: passdb backend = ldapsam:ldap://ldap.blah.org and use an LDAP-server that supports the password modify extended operation (like OpenLDAP). A password change via smbpasswd will update all userPassword attributes of the LDAP entry Mark -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [Samba] smbpasswd and LDAP backend
I think you have to use smbldap-tools (available at samba.org) Cyrille Paul Henry [EMAIL PROTECTED] Envoyé par : [EMAIL PROTECTED] 09/09/2005 09:43 Veuillez répondre à [EMAIL PROTECTED] A samba@lists.samba.org cc Objet [Samba] smbpasswd and LDAP backend Dear List, If I have a PDC with an LDAP backend, would just running smbpasswd username update the users passwd in both the LDAP directory and smb secrets? Thanks, Paul. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd and LDAP backend
Paul Henry wrote: Dear List, If I have a PDC with an LDAP backend, would just running smbpasswd username update the users passwd in both the LDAP directory and smb secrets? Yes, as long as you give the correct setting for passwd program in smb.conf. -- --beast -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd and LDAP backend
Hello, you have to set unix password sync = No ldap passwd sync = Yes and use an LDAP-server that supports the password modify extended operation (like OpenLDAP). A password change via smbpasswd will update all userPassword attributes of the LDAP entry Mark -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Smbpasswd -s option
Op Monday 27 June 2005 11:40, schreef u: Wim Bakker schrieb: Hello I try to get smbpasswd adding users and passwd from script the following way : smbpasswd -a -s username password What is the correct syntax for using smbpasswd with -s option? printf password\npassword\n | smbpasswd -a -s username Thanks, I did : echo passwd | smbpasswd -a -s username which gave me a mismatch error apparently smbpasswd wants to see a confirmation nowadays with -s. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd -r connecting to old samba not working
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Wayne Schroeder wrote: The error message is on the SERVER though... regardless of the server's error bugs or not, the new smbpasswd won't work, yet the old one does... so something in smbpasswd or it's supporting libs on the new version 3 source tree is doing something different I would imagine. On Tue, Jun 14, 2005 at 05:39:01PM -0500, Wayne Schroeder wrote: I am trying to build 3.0.14a and use it's smbpasswd binary to change passwords on a remote debian woody samba install -- the samba install on the remote debian machine is listed as '2.2.3a-15' I can use the previous smbpasswd binary from the same version on the client linux machine to smbpasswd -r and change user passwords, but the new version from 3.0.14a does not work against the 2.2.3a version. I get an error message like: [2005/06/14 16:45:17, 0] smbd/chgpasswd.c:check_oem_password(817) check_oem_password: incorrect password length (-177685840). I would be more inclined to call this a bug in 2.2.3a (on debian right) ? Since 2.2 is no longer being maintained, you could try to track this down own your own or possibly upgrade. Another method would be to start trying smbpasswd from 3.0.x releases 3.0.14a and movning backwards to see when the incompatibility was introduced. We could then look at the svn logs to try to isolate the change and come up with a workaround. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCsE66IR7qMdg1EfYRAkWoAJ9tEL/d1NsRpWTq014PgV9/7S6H4QCg8a/0 EIR4WfoKq4b8w1/2LmMZ9hk= =rs0+ -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd -r connecting to old samba not working
The only problem with that is the old servers are NOT our servers -- they are not managed by us. It's hard for us to tell people 'hey, we updated something, so now you have to'. Regardless of if it is a bug with the old version of samba, I would imagine there is some value in being backwards compatible with old versions, regardless of being maintained. The crux of the whole deal is that in the world of password changing, the old smbpassword worked against everything, now in order to get support for the new 2003 server boxes that need samba 3 to connect to them, we lose support for changing passwords on a large set of other boxes. The obvious answer to this from an operational stand point is to use the old binary / install base for changing passwords on these boxes, but I was hoping that there was some simple fix / work around that would address the backwards compatibility issue I have ran into. It seems somewhat strange that we would strive for backwards compatibility for old servers using protocols like CORE, COREPLUS, LANMAN1, LANMAN2 etc.. but not support older samba releases IMHO. Wayne Gerald (Jerry) Carter wrote: Wayne Schroeder wrote: The error message is on the SERVER though... regardless of the server's error bugs or not, the new smbpasswd won't work, yet the old one does... so something in smbpasswd or it's supporting libs on the new version 3 source tree is doing something different I would imagine. On Tue, Jun 14, 2005 at 05:39:01PM -0500, Wayne Schroeder wrote: I am trying to build 3.0.14a and use it's smbpasswd binary to change passwords on a remote debian woody samba install -- the samba install on the remote debian machine is listed as '2.2.3a-15' I can use the previous smbpasswd binary from the same version on the client linux machine to smbpasswd -r and change user passwords, but the new version from 3.0.14a does not work against the 2.2.3a version. I get an error message like: [2005/06/14 16:45:17, 0] smbd/chgpasswd.c:check_oem_password(817) check_oem_password: incorrect password length (-177685840). I would be more inclined to call this a bug in 2.2.3a (on debian right) ? Since 2.2 is no longer being maintained, you could try to track this down own your own or possibly upgrade. Another method would be to start trying smbpasswd from 3.0.x releases 3.0.14a and movning backwards to see when the incompatibility was introduced. We could then look at the svn logs to try to isolate the change and come up with a workaround. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd -r connecting to old samba not working
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Wayne Schroeder wrote: | The only problem with that is the old servers are | NOT our servers -- they are not managed by us. It's | hard for us to tell people 'hey, we updated something, | so now you have to'. Regardless of if it is a bug | with the old version of samba, I would imagine there | is some value in being backwards compatible with old | versions, regardless of being maintained. The crux of | the whole deal is that in the world of password | changing, the old smbpassword worked against everything, | now in order to get support for the new 2003 server | boxes that need samba 3 to connect to them, we lose | support for changing passwords on a large set of other | boxes. The obvious answer to this from an operational | stand point is to use the old binary / install base | for changing passwords on these boxes, but I was hoping | that there was some simple fix / work around that would | address the backwards compatibility issue I have ran | into. It seems somewhat strange that we would | strive for backwards compatibility for old servers using | protocols like CORE, COREPLUS, LANMAN1, LANMAN2 etc.. | but not support older samba releases IMHO. Wayne, First off, any breakage was not intentional. Second, I gave you instructions for helping us track it down. What I said about 2.2.x is that we will not issue a patch for it. I will be happy to issue a patch for smbpasswd to fix any incompatibilities with older Samba version if possible. But it requires that you do some things to help me out Here they are again: | Another method would be to start trying smbpasswd | from 3.0.x releases 3.0.14a and moving backwards to | see when the incompatibility was introduced. We could | then look at the svn logs to try to isolate the change | and come up with a workaround. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCsJ3LIR7qMdg1EfYRAjh7AJ9L6SIE6zJa5oGF6hAJyEkc2oN4mACgwVTZ uzTz4x5jHNVN5dr51IQhGW0= =P9j6 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd -r connecting to old samba not working
Gerald (Jerry) Carter wrote: Wayne, First off, any breakage was not intentional. Second, I gave you instructions for helping us track it down. What I said about 2.2.x is that we will not issue a patch for it. I will be happy to issue a patch for smbpasswd to fix any incompatibilities with older Samba version if possible. But it requires that you do some things to help me out Here they are again: | Another method would be to start trying smbpasswd | from 3.0.x releases 3.0.14a and moving backwards to | see when the incompatibility was introduced. We could | then look at the svn logs to try to isolate the change | and come up with a workaround. I should have been more clear .. the last message was generally directed at those suggesting that I should just upgrade the old samba installs instead of isolating the change / making a potential work around (or fix, if it is deemed as such) in the new code. I will gladly assist in isolating where the problem was introduced, and I am sure that no change / breakage was intentional and did not intend to imply that if it sounded as such. I will post more information as it becomes available, thanks again. Wayne -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd -a -m
Jaime Amigo Pinilla wrote: I am trying to configure Samba 2.2x with Win2K. I need that samba shares a directory in the Linux server and the users Windows access that without authentication. I created the UNIX users (etc/passwd). dic00037$:*:504:65533:DIC00037:/dev/null:/bin/false dic00024$:*:505:65533:DIC00024:/dev/null:/bin/false dic00021$:*:506:65533:DIC00021:/dev/null:/bin/false I creates the Samba users. smbpasswd -a -m dic00037 smbpasswd -a -m dic00024 smbpasswd -a -m dic00021 The above creates machine accounts which is unnecessary. This will not help. You need to read the docs about guest users. Another easy way is to create 1 samba user account and have everyone mount the drive using that account. Not very secure but that doesn't seem to be a concern for you. I'm trying to access by Windows with \\150.10.10.70, show me [homes] but I cannot access the folder. Any suggestion? Regards Jaime Attached additional information: peumo:/etc/samba # smbclient -L \\localhost -U% added interface ip=127.0.0.1 bcast=127.255.255.255 nmask=255.0.0.0 added interface ip=150.10.10.70 bcast=150.10.255.255 nmask=255.255.0.0 Domain=[SANTIAGO] OS=[Unix] Server=[Samba 2.2.5-UL] Sharename Type Comment - --- homes Disk ComparteLinux IPC$ IPC IPC Service (Servidor Samba Linux) ADMIN$ Disk IPC Service (Servidor Samba Linux) Server Comment ---- CAPRE-SANTIAGO PEUMOServidor Samba Linux WorkgroupMaster ---- SANTIAGO CAPRE-SANTIAGO /etc/samba/smb.conf [global] workgroup = SANTIAGO netbios name = peumo server string = Servidor Samba Linux unix extensions = yes security = share encrypt passwords = yes load printers = no socket options = IPTOS_LOWDELAY TCP_NODELAY hosts allow = 150.10.12. localhost interfaces = 127.0.0.1/8 150.10.10.70/16 bind interfaces only = yes password server = CAPRE-SANTIAGO username map = /etc/samba/smbusers smb passwd file = /etc/samba/smbpasswd log level = 1 large readwrite = yes max log size = 1000 auto services = homes log file = /var/log/samba/%m.log veto files = /*.eml/*.nws/riched20.dll/*.{*}/ local master = yes [homes] path= /home/compartelinux comment = ComparteLinux volume = Disco-Linux browseable = yes writeable = yes guest ok = yes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] smbpasswd -a -m
Not quite sure what you want, but it sounds like you want to access your home share, without providing credentials? --mark -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jaime Amigo Pinilla Sent: Wednesday, June 15, 2005 2:43 PM To: samba@lists.samba.org Subject: [Samba] smbpasswd -a -m I am trying to configure Samba 2.2x with Win2K. I need that samba shares a directory in the Linux server and the users Windows access that without authentication. I created the UNIX users (etc/passwd). dic00037$:*:504:65533:DIC00037:/dev/null:/bin/false dic00024$:*:505:65533:DIC00024:/dev/null:/bin/false dic00021$:*:506:65533:DIC00021:/dev/null:/bin/false I creates the Samba users. smbpasswd -a -m dic00037 smbpasswd -a -m dic00024 smbpasswd -a -m dic00021 I'm trying to access by Windows with \\150.10.10.70, show me [homes] but I cannot access the folder. Any suggestion? Regards Jaime Attached additional information: peumo:/etc/samba # smbclient -L \\localhost -U% added interface ip=127.0.0.1 bcast=127.255.255.255 nmask=255.0.0.0 added interface ip=150.10.10.70 bcast=150.10.255.255 nmask=255.255.0.0 Domain=[SANTIAGO] OS=[Unix] Server=[Samba 2.2.5-UL] Sharename Type Comment - --- homes Disk ComparteLinux IPC$ IPC IPC Service (Servidor Samba Linux) ADMIN$ Disk IPC Service (Servidor Samba Linux) Server Comment ---- CAPRE-SANTIAGO PEUMOServidor Samba Linux WorkgroupMaster ---- SANTIAGO CAPRE-SANTIAGO /etc/samba/smb.conf [global] workgroup = SANTIAGO netbios name = peumo server string = Servidor Samba Linux unix extensions = yes security = share encrypt passwords = yes load printers = no socket options = IPTOS_LOWDELAY TCP_NODELAY hosts allow = 150.10.12. localhost interfaces = 127.0.0.1/8 150.10.10.70/16 bind interfaces only = yes password server = CAPRE-SANTIAGO username map = /etc/samba/smbusers smb passwd file = /etc/samba/smbpasswd log level = 1 large readwrite = yes max log size = 1000 auto services = homes log file = /var/log/samba/%m.log veto files = /*.eml/*.nws/riched20.dll/*.{*}/ local master = yes [homes] path= /home/compartelinux comment = ComparteLinux volume = Disco-Linux browseable = yes writeable = yes guest ok = yes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd -r connecting to old samba not working
On Tue, Jun 14, 2005 at 05:39:01PM -0500, Wayne Schroeder wrote: I am trying to build 3.0.14a and use it's smbpasswd binary to change passwords on a remote debian woody samba install -- the samba install on the remote debian machine is listed as '2.2.3a-15' I can use the previous smbpasswd binary from the same version on the client linux machine to smbpasswd -r and change user passwords, but the new version from 3.0.14a does not work against the 2.2.3a version. I get an error message like: [2005/06/14 16:45:17, 0] smbd/chgpasswd.c:check_oem_password(817) check_oem_password: incorrect password length (-177685840). I searched a bit and found that this has something to do with hash lengths, or so it seems. I tried various configuration changes in the smb.conf that I was using to no avail -- I tried all the hash tuning and lanman auth options I could find. A few data points: The binary in question from 3.0.14a DOES change passwords against an exchange server just fine. It's a error message bug I'm afraid. Jerry just fixed it in the SVN source. If you bug him enough I'm sure he'll post a patch :-). Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd -r connecting to old samba not working
The error message is on the SERVER though... regardless of the server's error bugs or not, the new smbpasswd won't work, yet the old one does... so something in smbpasswd or it's supporting libs on the new version 3 source tree is doing something different I would imagine. Jeremy Allison wrote: On Tue, Jun 14, 2005 at 05:39:01PM -0500, Wayne Schroeder wrote: I am trying to build 3.0.14a and use it's smbpasswd binary to change passwords on a remote debian woody samba install -- the samba install on the remote debian machine is listed as '2.2.3a-15' I can use the previous smbpasswd binary from the same version on the client linux machine to smbpasswd -r and change user passwords, but the new version from 3.0.14a does not work against the 2.2.3a version. I get an error message like: [2005/06/14 16:45:17, 0] smbd/chgpasswd.c:check_oem_password(817) check_oem_password: incorrect password length (-177685840). I searched a bit and found that this has something to do with hash lengths, or so it seems. I tried various configuration changes in the smb.conf that I was using to no avail -- I tried all the hash tuning and lanman auth options I could find. A few data points: The binary in question from 3.0.14a DOES change passwords against an exchange server just fine. It's a error message bug I'm afraid. Jerry just fixed it in the SVN source. If you bug him enough I'm sure he'll post a patch :-). Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd, tdb_fetch_uint32 failed
On Mon, 11 Apr 2005, Gerald (Jerry) Carter wrote: Nicolas Kowalski wrote: | | Since I upgraded my samba PDC from 3.0.11 to 3.0.13, I have | some strange warnings when changing the passwords with | 'smbpasswd' (it works, but gives these messages): | | # smbpasswd username | New SMB password: | Retype new SMB password: | account_policy_get: tdb_fetch_uint32 failed for field 4 (maximum password age (seconds since 1970)), returning 0 | account_policy_get: tdb_fetch_uint32 failed for field 5 (minimum password age (seconds since 1970)), returning 0 Should be fixed in 3.0.14 once it is out in the next day or so. That's great, Thanks ! Regards, -- Nicolas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd -as
I have a problem by using smbpasswd -as USER PASSWORD it returns with this: [EMAIL PROTECTED] ~]# smbpasswd -as USER PASSWORD When run by root: smbpasswd [options] [username] otherwise: smbpasswd [options] I has been a problem for about 6 month now on both debian testing and redhat ES 3 / 4 It is still working on Redhat 9 with samba-2.2.12-0.90.2.legacy Any one know why? Sure, passing the password on the command line is no longer supported. I can't remember the exact version (maybe in the release notes?) but it simply isn't an option. There are ways around it however if you're trying to create a script. My script usage, ripped off the list a while ago is this: `(echo $password; echo $password) | $smbpasswd -s -a $username` Note: The above is a line from a perl script, however I think the original was for bash. You can probably figure out how to adapt it to your language from there ;) -- Paul GiengerOffice: 701-281-1884 Applied Engineering Inc. Systems Architect Fax:701-281-1322 URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd, tdb_fetch_uint32 failed
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Nicolas Kowalski wrote: | Hello, | | Since I upgraded my samba PDC from 3.0.11 to 3.0.13, I have | some strange warnings when changing the passwords with | 'smbpasswd' (it works, but gives these messages): | | # smbpasswd username | New SMB password: | Retype new SMB password: | account_policy_get: tdb_fetch_uint32 failed for field 4 (maximum password age (seconds since 1970)), returning 0 | account_policy_get: tdb_fetch_uint32 failed for field 5 (minimum password age (seconds since 1970)), returning 0 Should be fixed in 3.0.14 once it is out in the next day or so. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCWqUwIR7qMdg1EfYRArxEAKDXLNFome1rZei1xmhRqLOyl8YFjQCgouO1 QrF9rLhhA+1KzXGNhMHuOaw= =mGaC -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd to LDAP
Quoting Paul Gienger [EMAIL PROTECTED]: mess. My question is Shouldn't I somehow be able to insert samba passwords into the LDAP database and move on? Or is it just past that point now? Well, you can do one of two things, as I see it: 1. Try to run pdbedit with import/export flags and point it at your password file. Note that I don't know what this will do with existing entries' data. Will not work. All user passwords are already in LDAP in the current server. 2. Grab the password hashes out of the file and manually insert them. This did work. I'll have to write a script to take care of this for our site here. Thanks for all the help. Naturally 1 would be easier. -- Paul GiengerOffice: 701-281-1884 Applied Engineering Inc. Systems Architect Fax:701-281-1322 URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] This message was sent using IMP, the Internet Messaging Program. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd to LDAP
mess. My question is Shouldn't I somehow be able to insert samba passwords into the LDAP database and move on? Or is it just past that point now? Well, you can do one of two things, as I see it: 1. Try to run pdbedit with import/export flags and point it at your password file. Note that I don't know what this will do with existing entries' data. Will not work. All user passwords are already in LDAP in the current server. I don't think I was clear here, I didn't say to point it at your smbpasswd file, instead I said passsword file. You already stated that you didn't have the windows passwords in LDAP so there shouldn't be any overlap there. My concern was how it would handle if you had somehow gotten the sambaSamAccount objectClass on the users already. -- Paul GiengerOffice: 701-281-1884 Applied Engineering Inc. Systems Architect Fax:701-281-1322 URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd to LDAP
Quoting Paul Gienger [EMAIL PROTECTED]: mess. My question is Shouldn't I somehow be able to insert samba passwords into the LDAP database and move on? Or is it just past that point now? Well, you can do one of two things, as I see it: 1. Try to run pdbedit with import/export flags and point it at your password file. Note that I don't know what this will do with existing entries' data. Will not work. All user passwords are already in LDAP in the current server. I don't think I was clear here, I didn't say to point it at your smbpasswd file, instead I said passsword file. You already stated that you didn't have the windows passwords in LDAP so there shouldn't be any overlap there. My concern was how it would handle if you had somehow gotten the sambaSamAccount objectClass on the users already. I really do not follow what you suggested I try with the pdbedit command. All I'm interested in is the LM and NT hashes inside of the sambapassword file on my production server. How would the pdbedit command help me get those LM and NT hashes into my LDAP database on my new server? -- Paul GiengerOffice: 701-281-1884 Applied Engineering Inc. Systems Architect Fax:701-281-1322 URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] This message was sent using IMP, the Internet Messaging Program. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd to LDAP
I don't think I was clear here, I didn't say to point it at your smbpasswd file, instead I said passsword file. You already stated that you didn't have the windows passwords in LDAP so there shouldn't be any overlap there. My concern was how it would handle if you had somehow gotten the sambaSamAccount objectClass on the users already. I really do not follow what you suggested I try with the pdbedit command. All I'm interested in is the LM and NT hashes inside of the sambapassword file on my production server. How would the pdbedit command help me get those LM and NT hashes into my LDAP database on my new server? It would help you because that is exactly what it does. If you have ldap set up and working already, so that a newly added user works, the command should be something like pdbedit -i smbpasswd:/etc/smbpasswd.old otherwise you'd have to specify the ldapsam with the -e flag Quoting the man page -i passdb-backend Use a different passdb backend to retrieve users than the one specified in smb.conf. Can be used to import data into your lo- cal user database. This option will ease migration from one passdb backend to another. -e passdb-backend Exports all currently available users to the specified password database backend. This option will ease migration from one passdb backend to another and will ease backing up. -- Paul GiengerOffice: 701-281-1884 Applied Engineering Inc. Systems Architect Fax:701-281-1322 URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd to LDAP
Matt Lung wrote: Is there a way to take users samba passwords from an old 2.x Samba server, and insert them into a new 3.x Samba server that using an LDAP backend? The new server is already populated with all users and groups in LDAP and is currently on a test network. All that is needed is the users samba passwords from the old server that is using the smbpasswd file. If there aren't samba attributes in ldap you can use pdbedit -i smbpasswd:smbpasswd-file-path If there are already samba attributes this won't work. What I did was: - clean the ldap database (easy here since I was just testing) - smbldap-populate -k 0 -a root - obtain /etc/passwd, /etc/shadow, /etc/samba/smbpasswd from the old machine - remove all machine accounts, system groups and other users/groups you don't in ldap from all these files at this point, if you have special characters (like, á, é, í, etc.) in your files, you'll have to make somewhat a cleaned-up copy, since the idealx tools don't work with non us-ascii characters -temporarily add users in /etc/passwd of the new machine -pdbedit -i smbpasswd:smbpasswd-file -remove the users previously added to /etc/passwd -smbldap-migrate-passwd -d account -a -P your cleansed passwd file -S your shadow file -smbldap-migrate-group -a -G your cleansed group file What I done may be totally wrong, YMMV, etc., but it seems it has worked fine so far. Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd to LDAP
Quoting Luca Olivetti [EMAIL PROTECTED]: Matt Lung wrote: Is there a way to take users samba passwords from an old 2.x Samba server, and insert them into a new 3.x Samba server that using an LDAP backend? The new server is already populated with all users and groups in LDAP and is currently on a test network. All that is needed is the users samba passwords from the old server that is using the smbpasswd file. If there aren't samba attributes in ldap you can use pdbedit -i smbpasswd:smbpasswd-file-path If there are already samba attributes this won't work. What I did was: Hmm... I don't think that will work for us here. Our users have been migrated out of the passwd and shadow file on the old server for a while now. Their account info (except their samba password) has lived in LDAP for a few years now. I'm just trying to avoid having to change all the users passwords on the new server and having a big mess. I'd like it to be very transparent. I guess if what I'm asking is impossible at this point I'm sort of heading towards the mess. My question is Shouldn't I somehow be able to insert samba passwords into the LDAP database and move on? Or is it just past that point now? When I change my password on the new server I know it is changing the sambaLMPassword attribute. So how is the migrate tool setting that from the sambapasswd file when someone is migrating? - clean the ldap database (easy here since I was just testing) - smbldap-populate -k 0 -a root - obtain /etc/passwd, /etc/shadow, /etc/samba/smbpasswd from the old machine - remove all machine accounts, system groups and other users/groups you don't in ldap from all these files at this point, if you have special characters (like, á, é, í, etc.) in your files, you'll have to make somewhat a cleaned-up copy, since the idealx tools don't work with non us-ascii characters -temporarily add users in /etc/passwd of the new machine -pdbedit -i smbpasswd:smbpasswd-file -remove the users previously added to /etc/passwd -smbldap-migrate-passwd -d account -a -P your cleansed passwd file -S your shadow file -smbldap-migrate-group -a -G your cleansed group file What I done may be totally wrong, YMMV, etc., but it seems it has worked fine so far. Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba This message was sent using IMP, the Internet Messaging Program. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd to LDAP
mess. My question is Shouldn't I somehow be able to insert samba passwords into the LDAP database and move on? Or is it just past that point now? Well, you can do one of two things, as I see it: 1. Try to run pdbedit with import/export flags and point it at your password file. Note that I don't know what this will do with existing entries' data. 2. Grab the password hashes out of the file and manually insert them. Naturally 1 would be easier. -- Paul GiengerOffice: 701-281-1884 Applied Engineering Inc. Systems Architect Fax:701-281-1322 URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd
Somewhere in between the functionality of smbpasswd appears to have changed. When run as root user from: smbpasswd [options] username password to: smbpasswd [options] username Is there a simple replacement to the original non interaction functionality? I believe the change was stated in the release notes for the version that the change was made in. There is a option to change the input mode of smbpasswd to listen to stdin rather than the tty, which is what it does and keeps you from scripting a solution. I believe the switch is -s, much like the standard passwd program's --stdin flag. What this does is allow you to do something like: (echo $PASS; echo $PASS) | smbpasswd -s username in a script. -- -- Paul GiengerOffice: 701-281-1884 Applied Engineering Inc. Systems Architect Fax:701-281-1322 URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd -w
Did you do --with-ldap or --with-ldapsam as well? _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | | Ryan Novosielski - User Support Spec. III |$| |__| | | |__/ | \| _| | [EMAIL PROTECTED] - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent. | IST/ACS - NJMS Medical Science Bldg - C630 On Mon, 7 Feb 2005, Jochen Witte wrote: Hi, I try to set up samba (latest) to use LDAP. I get # smbpasswd -w secret -w not available unless configured --with-ldapsam I xompiled with LDAP support. Any hints? -- Jochen Witte [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd -w
I xompiled with LDAP support. Any hints? Are you sure? The binaries very seldom lie. Check the output of smbd -b |grep LDAP You should see the following: (for example) [fgoserv:/]# /opt/samba/sbin/smbd -b |grep LDAP HAVE_LDAP_H HAVE_LDAP HAVE_LDAP_DOMAIN2HOSTLIST HAVE_LDAP_INIT HAVE_LDAP_INITIALIZE HAVE_LDAP_SET_REBIND_PROC HAVE_LIBLDAP LDAP_SET_REBIND_PROC_ARGS -- -- Paul GiengerOffice: 701-281-1884 Applied Engineering Inc. Systems Architect Fax:701-281-1322 URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd -a -s /add smbuser via bash script
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Colin E. McDonald wrote: | I have a script that used to work fine under Samba 2.2.7a. | | I would pass the username and password to smbpasswd | -a -s $user $password and it worked fine. (echo $pw; echo $pw ) | smbpasswd -s -a $user cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFB6CdbIR7qMdg1EfYRAlJGAJ9hm9NbVLGhfrneTLzTiK9XqGBlIgCg7TPX UDYLCbPNBCnFKpOE/PjLIDw= =crZ/ -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd
If I have correctly understood what you want to do, the simple answer is: you can't. The passwords stored in shadow file and in smbpasswd, though they may be the same (in clear text), are encrypted with two different one way hash functions. In order to put in smbpasswd the same user passwords than in shadow, you need to compute the hash string from the passwords in clear text. The only reasonable way to achieve this is to implement some solution that keeps unix passwords and samba passwords synchronized (such as what can be done in smb.conf with unix password sync and passwd program but there are many other solutions) and to ask users to change their passwords once, so that shadow and smbpasswd hash strings are computed from the same password. Le mer 29/12/2004 à 13:26, Rodrigo Noroaldo de Castro Fernandes a écrit : --ms080602000709060800080902 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Dear all, How can I convert the Linux users password (/etc/shadow) to Samba users password (.../private/smbpasswd)? Best Brazilian regards -- Olivier Navas Groupement Informatique et Télécommunications SDIS 33 - Humor in the Court: Q: Are you qualified to give a urine sample? A: Yes, I have been since early childhood. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd -w not working
On Monday 27 December 2004 18:29, Adi Nugraha wrote: Hi, I'm tyrying to set up a Samba PDC with LDAP backend, i followed the excellent samba guide on the chapter making users happy, the problem is according to the guide when I execute the smbpasswd -w secret command, the expected outcome is Setting stored password for cn=Manager,dc=abmas,dc=biz in secrets.tdb but what i get is Setting stored password for in secrets.tdb can anyone tell me what's wrong, I checked and rechecked the smb.conf and slapd.conf and ldap.conf, there is nothing wrong, (at least according to the guide), please help me with this, I've been stuck trying to solve this for weeks now any hint is greatly appreciated, thanks in advance Please make certain that you have specified the correct administrative dn (ldap admin dn) in your smb.conf file. Also, suggest you download the latest version of the smbldap-tools from www.idealx.org _and_ make sure that your Perl is correctly configured. - John T. -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd -w not working
- Original Message - From: Adi Nugraha [EMAIL PROTECTED] To: samba@lists.samba.org Sent: Tuesday, December 28, 2004 8:29 AM Subject: [Samba] smbpasswd -w not working Hi, I'm tyrying to set up a Samba PDC with LDAP backend, i followed the excellent samba guide on the chapter making users happy, the problem is according to the guide when I execute the smbpasswd -w secret command, the expected outcome is Setting stored password for cn=Manager,dc=abmas,dc=biz in secrets.tdb but what i get is Setting stored password for in secrets.tdb can anyone tell me what's wrong, I checked and rechecked the smb.conf and slapd.conf and ldap.conf, there is nothing wrong, (at least according to the guide), please help me with this, I've been stuck trying to solve this for weeks now any hint is greatly appreciated, thanks in advance sorry forgot my specs info, Mandrake Linuc 9.1 samba 3.0.9 openldap2.2.17 stable also there is no pam_unix2.so module in my linux installation, there is pam_unix.so though, can anyone help me, -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd -w not working
already solved that, seems the smbpasswd file I copied from other samba version needs to be directed to the smb.conf , now the smbldap-populate scripts doesn't work, with an error message like this : [EMAIL PROTECTED] sbin]# ./smbldap-populate.pl Can't locate Convert/ASN1.pm in @INC (@INC contains: /var/lib/samba/sbin/ /usr/lib/perl5/5.8.0/i386-linux-thread-multi /usr/lib/perl5/5.8.0 /usr/lib/perl5/site_perl/5.8.0/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.0 /usr/lib/perl5/site_perl /usr/lib/perl5/vendor_perl/5.8.0/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.0 /usr/lib/perl5/vendor_perl .) at /usr/lib/perl5/vendor_perl/5.8.0/Net/LDAP.pm line 11. BEGIN failed--compilation aborted at /usr/lib/perl5/vendor_perl/5.8.0/Net/LDAP.pm line 11. Compilation failed in require at /var/lib/samba/sbin//smbldap_tools.pm line 5. BEGIN failed--compilation aborted at /var/lib/samba/sbin//smbldap_tools.pm line 5. Compilation failed in require at ./smbldap-populate.pl line 34. BEGIN failed--compilation aborted at ./smbldap-populate.pl line 34. anyone know what to do about this - Original Message - From: Adi Nugraha [EMAIL PROTECTED] To: samba@lists.samba.org Sent: Tuesday, December 28, 2004 8:39 AM Subject: Re: [Samba] smbpasswd -w not working - Original Message - From: Adi Nugraha [EMAIL PROTECTED] To: samba@lists.samba.org Sent: Tuesday, December 28, 2004 8:29 AM Subject: [Samba] smbpasswd -w not working Hi, I'm tyrying to set up a Samba PDC with LDAP backend, i followed the excellent samba guide on the chapter making users happy, the problem is according to the guide when I execute the smbpasswd -w secret command, the expected outcome is Setting stored password for cn=Manager,dc=abmas,dc=biz in secrets.tdb but what i get is Setting stored password for in secrets.tdb can anyone tell me what's wrong, I checked and rechecked the smb.conf and slapd.conf and ldap.conf, there is nothing wrong, (at least according to the guide), please help me with this, I've been stuck trying to solve this for weeks now any hint is greatly appreciated, thanks in advance sorry forgot my specs info, Mandrake Linuc 9.1 samba 3.0.9 openldap2.2.17 stable also there is no pam_unix2.so module in my linux installation, there is pam_unix.so though, can anyone help me, -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Smbpasswd -a USERNAME PASSWORD -- no longer works in samba 3.0.9!!!
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 sysrm wrote: | All our scripts etc no longer work since installing 3.0.9 when adding new | users. | | We use a perl script to make sure there are no duplicate names/uid's etc and | generate a random 8 char password. | | It then adds the user to /etc/passwd with that password and then invokes | smbpasswd -a $username $password which no longer works with the 3.0.9 | version of smbpasswd! (echo $pw; echo $pw ) | smbpasswd -s -a $username It was mentioned in the release notes in case anyone ever reads those :-) cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBucnRIR7qMdg1EfYRApPWAJ49nLiKY2ZwF07gOWp/Os6zh4h5qQCfasLQ h3EbKtZ83kpOdewlH4lKc3A= =3eTm -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd and password on command line
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Tim Winders wrote: | Hello - | | I see from the 3.0.8 release notes: | | * Remove support for passing the new password to smbpasswd | on the command line without using the -s option. | | I used to use the option: | | smbpasswd -a $user $pass | | to quickly add a new user to the smbpasswd database. | This no longer works in 3.0.8. I have tried every combination | I can think of adding the -s and -L options to the command line (echo $pw; echo $pw ) | smbpasswd -s -a $user cheers, jerry - - Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc If we're adding to the noise, turn off this song--Switchfoot (2003) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBqzYAIR7qMdg1EfYRAj3pAJ4p5hMWGtLHri5vI7PXIB5RRKSbDQCg0nF/ XrGKt26KLi+B1ck+ALDErts= =cWbE -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd fails on samba 2.2.x
created a test account. but smbpasswd fails.. [EMAIL PROTECTED] data]# smbpasswd test New SMB password: Retype new SMB password: Failed to find entry for user test. Failed to modify password entry for user test [EMAIL PROTECTED] data]# the account exists in /etc/passwd You have to run smbpasswd with the -a flag to create the entry in smbpasswd before you can modify it, which is what they assume you're wanting with no flags. -- Paul Gienger Office: 701-281-1884 Applied Engineering Inc. Information Systems Consultant Fax:701-281-1322 URL: www.ae-solutions.commailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd with password on the command line
On Sunday 26 September 2004 21:00, Pedro Silva wrote: I've upgraded my samba server to 3.0.6 and without any warning the command smbpasswd no longer accepts passing the user password on the command line! This was a very bad thing for me since the scripts I use to generate all my users account stopped working :-( Anyone had the same problem? Any suggestions before rewriting everything Pedro Silva Hi Just use (echo password;echo password)| smbpasswd -s -a username seen it somewhere hope it help's Hugo -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Smbpasswd problem fine before but now ?
I'm still trying to solve my problem below. I have found that in my smb.conf file, all information relating to ldap is either # or ; out, but when i run testparm it shows settings for ldap which is pointed to locally. I completely deleted all commented reverences to ldap, restarted samba, run testparm but it insists that ldap is being called locally. I even used a previous smb.conf from before i upgraded to 2.2.8a, which has no referance to ldap, but it still shows up in testparm as ldap= local. My other machine that was also upgraded to 2.2.8a has no reference to ldap or indications it is being called in testparm I'm completely confused. Can anybody help Ken On Tue, 14 Sep 2004 14:36:05 +0100, Ken Walker [EMAIL PROTECTED] wrote: I set up a LM ( Linux Mandrake ) machine a 6 or 7 months ago with LM8.2 and samba 2.2.8a. I set up a 5 disk software raid 5 and made 5 accounts and 5 entries into smbpasswd using smbpasswd -an XX All went fine, nothing out of the usual happened and all users could hammer the raid remotely to see if it died. I have just resurrected the machine, which has been powered down for about 4 months now. When i now enter smbpasswd -an i get the following !! [EMAIL PROTECTED] mctkeaw]# smbpasswd -an mctssvw LDAPS option set...! ldap_connect_system: Binding to ldap server as Bind failed: Can't contact LDAP server LDAPS option set...! ldap_connect_system: Binding to ldap server as Bind failed: Can't contact LDAP server Failed to add entry for user mctssvw. Failed to modify password entry for user mctssvw [EMAIL PROTECTED] mctkeaw]# I have looked in passwd and mctssvw is there. allow null passwords is in the global settings of smb.conf I have also looked in smb.conf and the ldap options are commented out. I have no idea why this should start now, nothing has been added or changed since it was last powered down. Can anybody help Many thanks Ken -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Smbpasswd problem fine before but now ?
Ken Walker wrote: I even used a previous smb.conf from before i upgraded to 2.2.8a, which has no referance to ldap, but it still shows up in testparm as ldap= local. Did you try to specify smb.conf file on the command line to smbd with '-s' option to be sure that this is the file your samba uses? Just a thought. Igor -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd in samba 3.0
Try it: # (echo password; echo password) | smbpasswd -s -a username Best Regards! Jacky Kim . For scripting then, what would the appropriate syntax be? smbpasswd -s -a username password this was working fine for me in 2.2.x and 3.0.x until the upgrade 3.0.6 If I want to change password with a script - i.e. single line of code. what is the appropriate command syntax in 3.0.6? Jake Holmquist Manhattan College [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd complains about LDAP: Object class violation
Does anyone else have any ideas on this? I think I've got the right direction, at least. If someone with a working LDAP-Samba PDC -- preferably 2.2.8, ideally on OS X -- could post the results of an ldapsearch for one of their machines, I might be able to figure out which attribute in specific is causing the problem. Or, if anyone out there in sambaland has other ideas, I'm totally open to suggestions. Thanks. Chris St. Pierre Unix Systems Administrator Nebraska Wesleyan University On Mon, 30 Aug 2004, Lance Levsen wrote: And that would explain that: 3.0.6. Sorry. Cheers, lance On Mon, 2004-08-30 at 08:17, Chris St. Pierre wrote: Hmm. I poked around a little bit, but couldn't find a schema that included the sambaSamAccount object class in my examples directory. Maybe different versions? I'm on version 2.2.8a on Mac OS X. Chris St. Pierre Unix Systems Administrator Nebraska Wesleyan University On Fri, 27 Aug 2004, Lance Levsen wrote: On Fri, 2004-08-27 at 09:50, Chris St. Pierre wrote: Here's more info for anyone who's interested: Quite the opposite of what I expected, smbldap-useradd.pl is not using sambaAccount as the structural objectClass; it's not using it *at all*. Here's a sample: Okay, weird. I'm using the samba schema from ./examples/LDAP/ and it creates users w/ objectclass sambaSamAccount, not sambaAccount. sambaAccount is in that schema, but commented out. Cheers, lance -- Lance Levsen, Catprint Computing Linux Systems and programming Saskatoon, SK., CA. gpg --keyserver wwwkeys.pgp.net --recv-keys 0xF2DA79C8 -- Lance Levsen, Catprint Computing Linux Systems and programming Saskatoon, SK., CA. gpg --keyserver wwwkeys.pgp.net --recv-keys 0xF2DA79C8 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd complains about LDAP: Object class violation
Here's more info for anyone who's interested: Quite the opposite of what I expected, smbldap-useradd.pl is not using sambaAccount as the structural objectClass; it's not using it *at all*. Here's a sample: - # ldapsearch -LLL -b ou=machines,o=nebrwesleyan.edu,o=isp uid=guinea* dn: uid=guinea-pig$,ou=Machines,o=NebrWesleyan.edu,o=isp objectClass: top objectClass: posixAccount cn: guinea-pig$ uid: guinea-pig$ uidNumber: 1001 gidNumber: 1 homeDirectory: /dev/null loginShell: /bin/false description: Computer - Adding the sambaAccount objectClass manually helped, actually; now I get this: - # ./smbpasswd -a -m guinea-pig$ ldap_connect_system: Binding to ldap server as cn=directory manager ldap_connect_system: Binding to ldap server as cn=directory manager failed to modify user with uid = guinea-pig$ with: Object class violation Password changed for user guinea-pig$. Failed to modify entry for user guinea-pig$. Failed to modify password entry for user guinea-pig$ - Again, though, setting the debug level to 10 doesn't help much. And again, there's still an object class violation. Anyone have any ideas what this one might be? Thanks. Chris St. Pierre Unix Systems Administrator Nebraska Wesleyan University 402.465.7549 On Thu, 26 Aug 2004, Chris St. Pierre wrote: I'm trying to get Samba on a Mac OS X box running as a PDC with an LDAP backend. I've read through all of the major walkthroughs I can find, and we've actually already got it running very nicely as a file server; people are currently authenticating against a different PDC and then mapping drives from the Samba box in question. However, I'd like it to be the PDC eventually, but I'm running up against a problem. It is my understanding that the machine trust accounts need to be added with smbpasswd (or an LDAP workaround such as the smbldap-useradd.pl that comes with samba), but smbpasswd fails with the following error: # ./smbpasswd -a -m guinea-pig$ ldap_connect_system: Binding to ldap server as cn=directory manager LDAP search ((uid=guinea-pig_)(objectclass=sambaAccount)) returned 0 entries. ldap_connect_system: Binding to ldap server as cn=directory manager failed to modify user with uid = guinea-pig$ with: Object class violation Failed to add entry for user guinea-pig$. Failed to modify password entry for user guinea-pig$ The best thing I could find on the web was this: http://lists.samba.org/archive/samba/2003-February/062371.html, which only suggests upping my debug level. Doing so provides no better info, though: ./smbpasswd -D 10 -a -m guinea-pig$ [snip] Initializing connection to newman.nebrwesleyan.edu on port 389 ldap_open_connection: connection opened ldap_connect_system: Binding to ldap server as cn=directory manager ldap_connect_system: succesful connection to the LDAP server ldap_search_one_user: searching for:[((uid=guinea-pig$)(objectclass=sambaAccount))] ldap_search_one_user: searching for:[uid=guinea-pig$] User exists without samba properties: adding them Setting entry for user: guinea-pig$ failed to modify user with uid = guinea-pig$ with: Object class violation Failed to add entry for user guinea-pig$. Failed to modify password entry for user guinea-pig$ If that thread I linked to is correct, then smbpasswd is trying to add the machine user guinea-pig$ with the structural objectClass sambaAccount -- which is bogus. If that's the case, is there a fix that doesn't involve hacking smbpasswd? Or, if that's not the case, what is and how do I fix it? Thanks for your help! Chris St. Pierre Unix Systems Administrator Nebraska Wesleyan University 402.465.7549 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd complains about LDAP: Object class violation
On Fri, 2004-08-27 at 09:50, Chris St. Pierre wrote: Here's more info for anyone who's interested: Quite the opposite of what I expected, smbldap-useradd.pl is not using sambaAccount as the structural objectClass; it's not using it *at all*. Here's a sample: Okay, weird. I'm using the samba schema from ./examples/LDAP/ and it creates users w/ objectclass sambaSamAccount, not sambaAccount. sambaAccount is in that schema, but commented out. Cheers, lance -- Lance Levsen, Catprint Computing Linux Systems and programming Saskatoon, SK., CA. gpg --keyserver wwwkeys.pgp.net --recv-keys 0xF2DA79C8 signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd backend, group-per-user, and primary gid not a domain group
On Mon, 2004-07-19 at 17:09, Frank H wrote: After changing from 2.x to 3.0 I get these messages: rpc_server/srv_util.c:get_domain_user_groups(376) get_domain_user_groups: primary gid of user [fred] is not a Domain group ! get_domain_user_groups: You should fix it, NT doesn't like that ... Craig White wrote: I would change to tdb but that's me. ... To sum up my experience, in case it helps anyone... This is with 3.0.3. Changing to the tdbsam password backend is utterly painless. (Thank you samba developers.) Apart from the fact that the smbpasswd file password backend is deprecated, tdbsam is better in that it allows you to set a user's primary group with pdbedit. You can set your group to domain admin and you'll be an administrator when you log into Windows - no messing with net groupmap or unix groups required. When I do this however, samba still logs the message shown above! I know my group setting is working because otherwise I wouldn't be an administrator when I log in. So I think producing the message in this case is a bug. I had one other problem due to a mismatch between the pdbedit man page and the behavior of the program. The man page says the -r flag is not needed but I found I could not change my group without it. Finally, for what it's worth, I've been running for over a month with NT doesn't like that with w2k clients and I'm not aware of any problems. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd in samba 3.0
Jacky Kim wrote: In samba 2.2.8, smbpasswd can change a user's smb password without prompt: # smbpasswd username newpswd How to do it in samba 3.0? I do want to change user's password without prompt! I use samba 3.0.5 and smbpasswd works the same way as in 2.28 for changing passwords without prompt. Regards, -- Filipi Vianna Laboratrio de Mecnica Computacional (DEMM) Faculdade de Engenharia - PUC-RS telefone: (51) 3320-3500 ramal: 4053 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd password via stdin?
Raymond wrote: Is there a method to pass a password to smbpasswd from stdin? Currently it appears only the user or machine name can be passed. Would like to automate the process via shell script. NAME smbpasswd - change a user's SMB password SYNOPSIS smbpasswd [-a] [-x] [-d] [-e] [-D debuglevel] [-n] [-r remote machine] [-R name resolve order] [-m] [-U username[%password]] [-h] [-s] [-w pass] [-i] [-L] [username] The smbpasswd suports the password as an argument. In my shell script to automate the user creation process, I do something like this: echo Adding and enabling samba user $user # smbpasswd -a -s $user $password smbpasswd -e $user Hope that helps, Regards, -- Filipi Vianna Laboratório de Mecânica Computacional (DEMM) Faculdade de Engenharia - PUC-RS telefone: (51) 3320-3500 ramal: 4053 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd in samba 3.0
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Filipi Vianna wrote: | Jacky Kim wrote: | | In samba 2.2.8, smbpasswd can change a user's smb password | without prompt: | # smbpasswd username newpswd | | How to do it in samba 3.0? I do want to change user's password | without prompt! | | | I use samba 3.0.5 and smbpasswd works the same way as in 2.28 | for changing passwords without prompt. Just to clarify. This was changed for the upcoming 3.0.6. You have to use the -s flag now. 'smbpasswd -a user passwd' is no longer supported. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFBI5LrIR7qMdg1EfYRAkoiAJ0VmGhYFeuQoxlw2AxBExFr2oqerQCg1vjg 2ZKxdJopjpoGmJ8eiQJdHe8= =amCc -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd overwrites existing displayname in LDAP entry
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ruud Baart wrote: | Configuration: Samba 2.2.8a with openLDAP 2.1.30 on a SeSE | 8.2. server | | When adding a user using a ldif file we give the user a given | name, say Ruud Baart. The cn and uid are the same, say | 21cs12345 (a studentnumber). | | After adding the user to LDAP the displayname is as | expected: Ruud Baart. However after smbpasswd -a 21cs12345 | -s secret the displayname is 21cs12345. | | That is, of course, not what we want. Is there any solution | for this problem? This is fixed in 3.0 IIRC. cheers, jerry - - Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc If we're adding to the noise, turn off this song--Switchfoot (2003) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFBIKkCIR7qMdg1EfYRAmXdAKCRe02NaxG2XpumFiMvQHJJcdjEfACgisUG P47vxvteQ8KB8uWvpCOPa34= =h4e7 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd error
smbd/chgpasswd.c:check_oem_password(832) check_oem_password: incorrect password length (1292521526). [2004/08/03 10:12:51, 0] passdb/passdb.c:pdb_free_sam(210) pdb_free_sam: SAM_ACCOUNT was NULL Hi there, I had this problem too when trying to setup password syncing. I can't for the life of me remember what the solution was. Although I'm pretty darn certain that it _isn't_ password length. I did however write up my solution:- http://gensig.nibsc.ac.uk/~dmccann/ (there's something odd with out web servers at the moment, so if that linkt doesn't work for you, please let me know and I'll get it fixed.) Mac Assistant Systems Adminstrator @nibsc.ac.uk [EMAIL PROTECTED] Work: +44 1707 641565 Everything else: +44 7956 237670 (anytime) -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba