Date: Thu, 9 Oct 2008 08:33:20 -0700 From: Jeremy Chadwick <koitsu@FreeBSD.org> To: Scott MacCallum <scottmaccal@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: smbpasswd mortal user Message-ID: <20081009153320.GA7611@icarus.home.lan> In-Reply-To: <28f0982f0810090753xd7ecc32wd1aee956b5bb0304@mail.gmail.com> References: <28f0982f0810090753xd7ecc32wd1aee956b5bb0304@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Oct 09, 2008 at 10:53:32AM -0400, Scott MacCallum wrote: > I would like my users to be able to change their Samba password using the > smbpasswd command. As of right now only root is allowed to do this. I set > the smbpasswd command with the same permissions as the passwd command and I > still cannot run it as a mortal user. I read the FreeBSD handbook and > understand that smbpasswd is no longer the preferred tool to do what I want > with version of Samba I am running, however it too cannot be run as a mortal > user. In any case, I would like to continue using the smbpasswd command. > > Does someone have a solution they can share? Users editing their own passwords -- I have no idea how to solve that. I don't think it's possible because the commands also allow you (or a user) to edit many different fields in their account, including disabling password expiry, changing their unique ID, all that jazz. It sounds like you might have to write a program/utility to do this, acting as a wrapper around pdbedit(8). smbpasswd(8) isn't recommend any more, true. If you're like me and do not care for things like LDAP and prefer flat-files, use the "tdbsam" password database method, and the pdbedit(8) command to edit passwords and do things to accounts. All I use in smb.conf is: private dir = /conf/ME/samba passdb backend = tdbsam Thus passdb.tdb and secrets.tdb will end up going into /conf/ME/samba. You can also say "passdb backend = tdbsam:/some/place" which will store passdb.tdb in /some/place; secrets.tdb will still end up in "private dir" > FreeBSD 7.0-RELEASE #0: Sun Feb 24 19:59:52 UTC 2008 > root@logan.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386 Consider upgrading (world/kernel) soon, as you're susceptible to some security issues. Just a comment in passing; not the focus of this mail. -- | Jeremy Chadwick jdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB |
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20081009153320.GA7611>