author | Jeremy Allison <jra@samba.org> | 1998-03-19 20:06:47 +0000 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 1998-03-19 20:06:47 +0000 |
commit | 20770b6f1c25288e90d3e0d215afa7f0809ce124 (patch) | |
tree | ff60815a291db1bf9e95ff4cba0c3c2ffa2f8b70 /docs | |
parent | e02e3bcbbd4333113dde7bef47763fb229148007 (diff) | |
download | samba-20770b6f1c25288e90d3e0d215afa7f0809ce124.tar.gz samba-20770b6f1c25288e90d3e0d215afa7f0809ce124.tar.xz samba-20770b6f1c25288e90d3e0d215afa7f0809ce124.zip |
Adding the same changes to HEAD as were added to BRANCH_1_9_18.
Changed smbpasswd to be client-server for a normal user, rather
than accessing the private/smbpasswd file directly (it still accesses
this file directly when run as root, so root can add users/change a
user's password without knowing the old password).
A shakeout of this change is that smbpasswd can now be used to
change a user's password on a remote NT machine (yep - you heard
that one right - we can now change an NT password from UNIX !!!!!).
Jeremy.
Diffstat (limited to 'docs')
-rw-r--r-- | docs/manpages/smbpasswd.8 | 44 | ||||
-rw-r--r-- | docs/textdocs/ENCRYPTION.txt | 57 |
2 files changed, 65 insertions, 36 deletions
diff --git a/docs/manpages/smbpasswd.8 b/docs/manpages/smbpasswd.8 index 1cd2c54c434..24b37135984 100644 --- a/docs/manpages/smbpasswd.8 +++ b/docs/manpages/smbpasswd.8 @@ -1,10 +1,13 @@ -.TH SMBPASSWD 8 "08 Jan 1998" "smbpasswd 1.9.18" +.TH SMBPASSWD 8 "19 Feb 1998" "smbpasswd 1.9.18p3" .SH NAME smbpasswd \- change a users smb password in the smbpasswd file. .SH SYNOPSIS .B smbpasswd [ -.B \-add +.B \-a +] [ +.B \-r +remote_machine ] [ .B username ] @@ -27,14 +30,38 @@ smb password (specified by the string "NO PASSWORD" in the smbpasswd file) then just press the <Enter> key when asked for your old password. +.B New for 1.9.18p4. +smbpasswd will now allow a user to change their password +on a Windows NT server. To use this add the +.I \-r +.I \<remote_machine\> +paramter to the smbpasswd command. The machine name is looked +up using the "name resolve order" parameter defined in the +smb.conf [global] section. Note that when changing a Windows +NT password for a domain user, +.I \<remote machine\> +must be the name of the Primary domain controller. + +To allow users to change their passwords from "NO PASSWORD" +in the smbpasswd file to a valid password the administrator +must set the following parameter in the [global] section of +the smb.conf : + +null passwords = true + +This is +.B NOT +recommended as a general policy, it is recommended that +new users be assigned a default password instead. + The -.I \-add +.I \-a and .I username options can only be used by a user running as root. .SH OPTIONS -.I \-add +.I \-a .RS 3 Specifies that the username following should be added to 
@@ -70,13 +97,12 @@ It is recommended that the program be installed in the /usr/local/samba/bin directory. This should be a directory readable by all, writeable only by root. The program should be executable by all. The program -.B must -be setuid root. This means the permissions should -look like -r-sr-xr-x and the program must be owned by root. +.B must not +be setuid root. .SH VERSION -This man page is correct for version 1.9.17 of the Samba suite. +This man page is correct for version 1.9.18p4 of the Samba suite. These notes will necessarily lag behind development of the software, so it is possible that your version of the program has extensions or parameter semantics that differ from or are not @@ -93,7 +119,7 @@ The .B smbpasswd command is only useful if .I Samba -has been compiled with encrypted passwords. See the file +has been set up to use encrypted passwords. See the file .I ENCRYPTION.txt in the docs directory for details on how to do this. diff --git a/docs/textdocs/ENCRYPTION.txt b/docs/textdocs/ENCRYPTION.txt index 315e7de53f7..352f3457b47 100644 --- a/docs/textdocs/ENCRYPTION.txt +++ b/docs/textdocs/ENCRYPTION.txt @@ -1,8 +1,8 @@ !== -!== ENCRYPTION.txt for Samba release 1.9.18 08 Jan 1998 +!== ENCRYPTION.txt for Samba release 1.9.18p3 19 Feb 1998 !== Contributor: Jeremy Allison <samba-bugs@samba.anu.edu.au> -Updated: June 27, 1997 +Updated: March 19, 1998 Note: Please refer to WinNT.txt also Subject: LanManager / Samba Password Encryption. 
@@ -207,7 +207,16 @@ bob:100:NO PASSWORDXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:Bob's If you are allowing users to use the smbpasswd command to set their own passwords, you may want to give users NO PASSWORD initially so they do not have to enter a previous password when changing to their new -password (not recommended). +password (not recommended). In order for you to allow this the +smbpasswd program must be able to connect to the smbd daemon as +that user with no password. Enable this by adding the line : + +null passwords = true + +to the [global] section of the smb.conf file (this is why the +above scenario is not recommended). Preferebly, allocate your +users a default password to begin with, so you do not have +to enable this on your server. Note : This file should be protected very carefully. Anyone with access to this file can (with enough knowledge of the protocols) gain 
@@ -220,22 +229,28 @@ The smbpasswd Command. The smbpasswd command maintains the two 32 byte password fields in the smbpasswd file. If you wish to make it similar to the unix passwd or yppasswd programs, install it in /usr/local/samba/bin (or your main -Samba binary directory) and make it setuid root. +Samba binary directory). -Note that if you do not do this then the root user will have to set all -users passwords. +Note that as of Samba 1.9.18p4 this program MUST NOT BE INSTALLED +setuid root (the new smbpasswd code enforces this restriction so +it cannot be run this way by accident). -To set up smbpasswd as setuid root, change to the Samba binary install -directory and then type (as root) : +smbpasswd now works in a client-server mode where it contacts +the local smbd to change the users password on its behalf. This +has enormous benefits - as follows. -chown root smbpasswd -chmod 4555 smbpasswd +1). smbpasswd no longer has to be setuid root - an enourmous +range of potential security problems is eliminated. -If smbpasswd is installed as setuid root then you would use it as -follows. +2). smbpasswd now has the capability to change passwords +on Windows NT servers (this only works when the request is +sent to the NT Primary Domain Controller if you are changing +an NT Domain users password). + +To run smbpasswd as a normal user just type : smbpasswd -Old SMB password: <type old alue here - just hit return if there is NO PASSWORD> +Old SMB password: <type old value here - or hit return if there was no old password > New SMB Password: < type new value > Repeat New SMB Password: < re-type new value 
> @@ -255,15 +270,8 @@ forgotten their passwords. smbpasswd is designed to work in the same way and be familiar to UNIX users who use the passwd or yppasswd commands. -NOTE. As smbpasswd is designed to be installed as setuid root I would -appreciate it if everyone examined the source code to look for -potential security flaws. A setuid program, if not written properly can -be an open door to a system cracker. Please help make this program -secure by reporting all problems to me (the author, Jeremy Allison). - -My email address is :- - -jallison@whistle.com +For more details on using smbpasswd refer to the man page which +will always be the definitive reference. Setting up Samba to support LanManager Encryption. -------------------------------------------------- @@ -310,11 +318,6 @@ tridge:148:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:And note that the uid and username fields must be right. Also, you must get the number of X's right (there should be 32). -If you wish, install the smbpasswd program as suid root. - -chown root /usr/local/samba/bin/smbpasswd -chmod 4555 /usr/local/samba/bin/smbpasswd - 5) set the passwords for users using the smbpasswd command. For example, as root you could do "smbpasswd tridge" |
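Review bot: The version labels in docs/manpages/smbpasswd.8 disagree with each other: the new .TH line in the first hunk reads "19 Feb 1998" and "smbpasswd 1.9.18p3", while the paragraph added further down is headed "New for 1.9.18p4" and the VERSION section is changed to 1.9.18p4. The ENCRYPTION.txt banner has the same split ("1.9.18p3 19 Feb 1998" next to "Updated: March 19, 1998", with the body saying "as of Samba 1.9.18p4"). Pick one release and date and use it in the .TH line, the banner and the body text, so an administrator can tell which release first refuses to run setuid.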
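Review bot: In the second smbpasswd.8 hunk (@@ -27,14 +30,38 @@) the remote host placeholder is written three ways: "remote_machine" in the SYNOPSIS, "\<remote_machine\>" where the option is introduced, and "\<remote machine\>" in the sentence about the Primary domain controller. Use one spelling throughout, and fix "paramter". The "null passwords = true" line is also set as ordinary filled text; wrapping it in .nf/.fi or an indented block would keep it from being reflowed into the surrounding paragraph. The visible OPTIONS context only shows an entry for \-a, so please check that \-r gets its own entry there as well.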
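Review bot: In the smbpasswd.8 INSTALLATION hunk (@@ -70,13 +97,12 @@) the old sentence gave the exact expected mode (-r-sr-xr-x, owned by root) and the replacement only says the program "must not be setuid root", leaving the reader without the new expected permissions or the program's behaviour when the bit is still set. ENCRYPTION.txt in this same commit says the new code enforces the restriction; the man page should say so too, and state the intended mode (executable by all, no setuid bit), since the patch itself calls the man page the definitive reference.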
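Review bot: The ENCRYPTION.txt hunk at @@ -207,7 +207,16 @@ says the NO PASSWORD scenario is "not recommended" twice but never states the reason in plain terms. The added text explains that smbpasswd must "connect to the smbd daemon as that user with no password"; with "null passwords = true" in [global] the same is true for any client and any account still marked NO PASSWORD, and that consequence deserves its own sentence. It would also help to tell the administrator to remove the setting once the initial passwords have been set. "Preferebly" should be "Preferably".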
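Review bot: The ENCRYPTION.txt hunk at @@ -220,22 +229,28 @@ removes the "chown root smbpasswd" / "chmod 4555 smbpasswd" instructions but gives no upgrade step for sites that followed them: an existing install will still carry the setuid bit, and the new text only says the program "MUST NOT BE INSTALLED setuid root". Add a sentence telling upgraders to clear the setuid bit on the installed binary and describing what the user sees if they do not. The same hunk says smbpasswd "contacts the local smbd" for a normal user, so it should also state that smbd must be running for non-root password changes to work. Minor: "enourmous" should be "enormous" and "users password" should be "user's password".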
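Review bot: The ENCRYPTION.txt hunk at @@ -255,15 +270,8 @@ deletes the only place in this file that tells readers where to report security problems in smbpasswd (the NOTE and the e-mail address), and the replacement sentence just points at the man page. Dropping the setuid-specific wording is right, but smbd now performs the password change on the user's behalf, so a request to report problems is still relevant; consider keeping a short sentence with a current reporting contact.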