I think there might be some misunderstandings propagated here, so I will blurt out my understanding of Samba passwd stuff to clarify things and hopefully someone will correct me if I am wrong. Win* Domains and *NIX use two different algorithms for encrypting password in a file. Samba can use the standard /etc/passwd (and /etc/shadow if configured -- it uses what you got), but passwords from Win* clients then have to be clear text (which is bad). They do not have to be clear text if Samba uses a 'smbpasswd' file (it can be wherever 'smb.conf' says it is) and maintains the password separately using the different encryption algorithm. Samba contains some configuration options to synchronize passwords from the Win* client side, and it is relately easy to wrap 'passwd' on the *NIX side. You can also just make Samba hand off authenication to a Win* PDC, and in 2.2.* it can be a PDC (but not a BDC, yet). It could act as a PDC before, but not very well. Winbind is not used to make the smbpasswd obsolete, it is used to make it so you can add a Samba server to your Win* network and not have to add all your users to that box (and maintain the user list separately). Winbind (as shallowly as I've read) will allow Samba to pass off authentication to a Win* PDC and if authentication is successful it will create a new user on the *NIX box if there is none. This is nice for NAS and other appliances that use Samba. Please let me know if I am mistaken. >>> jspinti at dart.dartdist.com 11/13/01 07:46AM >>> |On 12 Nov 2001, Ben Lutgens wrote: |> On Mon, 2001-11-12 at 15:26, Andy Zbikowski (Zibby) wrote: |> > On Mon, 12 Nov 2001, Munir Nassar wrote: |> > > unix password sync = yes |> > > passwd program = /usr/bin/passwd |> |> > AFAIK, this is for operating samba as a domain controller, and |only works |> > when you change your password through windows. If you update your unix |> > password, your samba password isn't updated. |> |> Correctamundo. | |But this does not make any sense, if i have a win95 workstation and i have |a samba PDC then all the user accounts are in the smbpasswd file, why then |would it then change the unix(linux) password without changing the |smbpasswd file. Would that not cause quite a bit of confusion not to |mention the hassle of having to change the password twice? | | -munir No. That is backwards. If you change your *nix passwd, smbpasswd is not kept in synch. The two are independently maintained after their initial creation. I understand that winbind is supposed to keep you from needing a smbpasswd file, but I haven't tried it yet. It is in the latest samba release, but I am still running the release before that.