SMB passwords etc (was "How can I help ?")
On Wed, 14 Jun 2000, Sebastian Rittau wrote:
>> [stuff about encrypted SMB passwords]
>
> But using this option prevents you from using the global /etc/shadow
> file, which is problematic in some cases.
True. Samba has a "password sync" option to enable SMB password changes to
automatically update the unix password file too (though it can be
troublesome to get this working smoothly...)
I'm no PAM or SMB expert, but I would imagine (if it hasn't been done) it
would be feasible to make a stacked "password" module to do the reverse,
ie to update the SMB password (including optionally creating the entry in
the smbpasswd file if it doesn't exist) when the "passwd" command is used
to change the unix password.
A mechanism would obviously be required to prevent a loop situation when
both options are used simultaneously. If Samba carried out the actual SMB
password update via PAM, then this should allow for the required
flexibiliity, with either one or both off the unix/SMB password setting
modules used by passwd and smbd as desired. This would hopefully eliminate
the need for the "password sync" option with its dependence on the precise
prompt string produced by the "passwd" command.
--
Zak Kipling, E114 Wolfson Court, Clarkson Road, Cambridge, CB3 0EH.
Tel. (01223) 509524; pager 04325 361627; ICQ# 62661452; Ask for PGP key
Internet chat: telnet to zk201.girton.cam.ac.uk and log in as "talk".
"As long as the superstition that people should obey unjust laws exists,
so long will slavery exist." -- M. K. Gandhi
Reply to: