samba + LDAP + changemt passwd - réseaux et sécurité - Linux et OS Alternatifs
MarshPosté le 19-01-2004 à 14:35:38
bonjour,
J'ai un soucis avec le changemement de mot de passe samba sous windows. Comme dit dans le sujet, j'utilise LDAP pour authentifier les utilisateurs. L'intégration des machines, le login et l'enregistrement des profiles se passent très bien...
Mais quand je veux changer mon mot de passe samba quand je suis sous windows, il me dit que c'est impossible.
Voici pour info, mon smb.conf :
[global] workgroup = BUZZSMB netbios name = BUZZ server string = Samba Server %v
printcap name = cups load printers = yes printing = cups printer admin = @"Domain Admins" log file = /var/log/samba/log.%m max log size = 50 # log level = 3 # hosts allow = 192.168.1. 192.168.2. 127. # guest account = pcguest map to guest = bad user security = user # password server = <NT-Server-Name> # password server = * # password level = 8 # username level = 8 encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd unix password sync = Yes # pam password change = yes # passwd program = /usr/bin/passwd %u passwd program = /usr/share/samba/script/smbldap-passwd.pl %u passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n *passwd:*all*authentication*tokens*updated*successfully* username map = /etc/samba/smbusers # include = /etc/samba/smb.conf.%m socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local master = yes os level = 33 # domain master = yes # preferred master = yes domain logons = yes logon path = \\%L\Profiles\%u Logon home = \\%L\home\%u Logon drive = X: add user script = /usr/share/samba/scripts/smbldap-useradd.pl -w -d /dev/null -g machines -c 'Machine Account' -s /bin/false %u # add user script = /usr/sbin/useradd -s /bin/false %u domain admin group = root manager @adm @administrateurs ldap admin dn = cn=manager,dc=ensea,dc=fr ldap ssl = no ldap port = 389 ldap suffix = dc=ensea,dc=fr ldap server = buzz.ensea.fr # name resolve order = wins lmhosts bcast # wins support = yes # wins server = w.x.y.z # wins proxy = yes dns proxy = no # preserve case = no # short preserve case = no # default case = lower # case sensitive = no # client code page = 850 # character set = ISO8859-1
Marsh Posté le 19-01-2004 à 14:35:38
bonjour,
J'ai un soucis avec le changemement de mot de passe samba sous windows.
Comme dit dans le sujet, j'utilise LDAP pour authentifier les utilisateurs. L'intégration des machines, le login et l'enregistrement des profiles se passent très bien...
Mais quand je veux changer mon mot de passe samba quand je suis sous windows, il me dit que c'est impossible.
Voici pour info, mon smb.conf :
[global]
workgroup = BUZZSMB
netbios name = BUZZ
server string = Samba Server %v
printcap name = cups
load printers = yes
printing = cups
printer admin = @"Domain Admins"
log file = /var/log/samba/log.%m
max log size = 50
# log level = 3
# hosts allow = 192.168.1. 192.168.2. 127.
# guest account = pcguest
map to guest = bad user
security = user
# password server = <NT-Server-Name>
# password server = *
# password level = 8
# username level = 8
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
unix password sync = Yes
# pam password change = yes
# passwd program = /usr/bin/passwd %u
passwd program = /usr/share/samba/script/smbldap-passwd.pl %u
passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n *passwd:*all*authentication*tokens*updated*successfully*
username map = /etc/samba/smbusers
# include = /etc/samba/smb.conf.%m
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
local master = yes
os level = 33
# domain master = yes
# preferred master = yes
domain logons = yes
logon path = \\%L\Profiles\%u
Logon home = \\%L\home\%u
Logon drive = X:
add user script = /usr/share/samba/scripts/smbldap-useradd.pl -w -d /dev/null -g machines -c 'Machine Account' -s /bin/false %u
# add user script = /usr/sbin/useradd -s /bin/false %u
domain admin group = root manager @adm @administrateurs
ldap admin dn = cn=manager,dc=ensea,dc=fr
ldap ssl = no
ldap port = 389
ldap suffix = dc=ensea,dc=fr
ldap server = buzz.ensea.fr
# name resolve order = wins lmhosts bcast
# wins support = yes
# wins server = w.x.y.z
# wins proxy = yes
dns proxy = no
# preserve case = no
# short preserve case = no
# default case = lower
# case sensitive = no
# client code page = 850
# character set = ISO8859-1
#============================ Share Definitions ==============================
[home]
path = /home
comment = Home Directories
browseable = yes
writable = yes
[netlogon]
comment = Network Logon Service
path = /var/lib/samba/netlogon
guest ok = yes
writable = no
[Profiles$]
path = /home/profiles
browseable = no
guest ok = yes
writable = yes
[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
guest ok = yes
writable = no
printable = yes
create mode = 0700
# =====================================
# print command: see above for details.
# =====================================
print command = lpr-cups -P %p -o raw %s -r # using client side printer drivers.
; print command = lpr-cups -P %p %s -r # using cups own drivers (use generic PostScript on clients).
; lpq command = lpq -P %p
; lprm command = cancel %p-%j
;[public]
; comment = Public Stuff
; path = /home/samba/public
; public = yes
; writable = no
; write list = @staff
; vfs object = /usr/lib/samba/vfs/audit.so