Scott Harrison
Last updated: 10/26/2000
This file describes issues associated with accessing a LON-CAPA machine through Samba. This allows Microsoft machines to mount portions of the LON-CAPA machine as file space (useful for an instructor).
Can we sync samba password file space mounting with a kerberos v4 system?
The answer is yes-no-maybe so. It is doable via kerberos v5
only with Microsoft Windows 2000. Samba supports kerberos v4 but requires
instructors et al to change their windows settings to send plaintext
passwords over the net as opposed to encrypted passwords.
Can we even sync samba password file space with unix password file space?
ONLY if we script something that crypts both (assume a user has
already been added, this script invokes both usermod and smbpasswd...
similar to http://adis.on.ca/School-doc/Highschool-HOWTO-1-4.html)
so I guess, if instructors want to have samba access be the same
as pilot access, they must actually "sign-up" somehow everytime they
change their pilot password :(
#! /bin/bash
# /sbin/newpasswd
#
# Change the password of an existing user:
# newpasswd [name] [password]
PATH=/bin:/sbin:/usr/bin:/usr/sbin
NAME=$1
PASSWD=$2
# Define error message
usage ()
{
echo " "
echo "Usage: newpasswd [name] [password]"
echo " "
}
# Test for username
if [ -z "$NAME" ]; then
usage
exit 1
fi
# Test for existing user name
if ! id $NAME > /dev/null 2>&1; then
echo "No such user exists!"
exit 1
fi
# Test for password
if [ -z "$PASSWD" ]; then
usage
exit 1
fi
# Run the usermod command
if usermod -p `echo "print crypt('$PASSWD', 'RH');" | perl` $NAME; then
# Change password with /etc/smbpasswd
echo "$PASSWD" > /etc/smbpwd
echo "$PASSWD" >> /etc/smbpwd
smbpasswd -s $NAME < /etc/smbpwd
rm -f /etc/smbpwd
echo " "
echo "Success!"
echo "Changed the user: $NAME"
echo "To password: $PASSWD"
echo " "
else
echo " "
echo "Oops, something went wrong!"
echo " "
fi
Get these packages and install all three samba-2.0.7-4.i386.rpm samba-client-2.0.7-4.i386.rpm samba-common-2.0.7-4.i386.rpm (probably don't need samba-client though..except for development)
Generate a config file. (/etc/smb.conf)
# Samba config file created using LON-CAPA system
# Date: 2000/09/16 20:15:55
# Global parameters
[global]
workgroup = LONCAPA_{{{{[lonDefDomain]}}}}
netbios name = {{{{[lonHostID]}}}}
server string = Samba Server
encrypt passwords = Yes
log file = /var/log/samba/log.%m
max log size = 0
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
dns proxy = No
[homes]
comment = Home Directories
writeable = Yes
browseable = No
Run these commands to sync the passwords. cat /etc/passwd | mksmbpasswd.sh > /etc/smbpasswd and run, per-user this command (for the users you want active) smbpasswd johndoe88 (but then you have to type in the passwords) (this refers to Step #0, the whole password issue)
Run /etc/rc.d/init.d/smb restart Run /etc/rc.d/init.d/inet restart
Be patient. In 10 minutes or so, Network Neighborhood will do its poorly designed Bill-Gates rhumba and realize your computer is indeed samba-ing on the network.