Return to loncapasamba.html CVS log

Up to [LON-CAPA] / doc / build

howto's and descriptions of system services associated with LON-CAPA -Scott

<HTML>
<HEAD>
<TITLE>LON-CAPA Samba-Windows Connectivity Documentation</TITLE>
</HEAD>
<BODY>
<H1>LON-CAPA Samba-Windows Connectivity Documentation</H1>
<P>
Scott Harrison
</P>
<P>
Last updated: 10/26/2000
</P>
<H3>Introduction</H3>
<P>
This file describes issues associated with accessing a LON-CAPA machine through
Samba.  This allows Microsoft machines to mount portions of the LON-CAPA machine
as file space (useful for an instructor).
</P>
<P>
<H3>Password Synchronization</H3>
<PRE>
Can we sync samba password file space mounting with a kerberos v4 system?
The answer is yes-no-maybe so.  It is doable via kerberos v5
only with Microsoft Windows 2000.  Samba supports kerberos v4 but requires
instructors et al to change their windows settings to send plaintext
passwords over the net as opposed to encrypted passwords.
Can we even sync samba password file space with unix password file space?
ONLY if we script something that crypts both (assume a user has
already been added, this script invokes both usermod and smbpasswd...
similar to http://adis.on.ca/School-doc/Highschool-HOWTO-1-4.html)
so I guess, if instructors want to have samba access be the same
as pilot access, they must actually "sign-up" somehow everytime they
change their pilot password  :(

#! /bin/bash

# /sbin/newpasswd
#
# Change the password of an existing user:
#     newpasswd [name] [password]

PATH=/bin:/sbin:/usr/bin:/usr/sbin

NAME=$1
PASSWD=$2

# Define error message
usage ()
{
    echo " "
    echo "Usage: newpasswd [name] [password]"
    echo " "
}

# Test for username
if [ -z "$NAME" ]; then
    usage
    exit 1
fi

# Test for existing user name
if ! id $NAME > /dev/null 2>&1; then
    echo "No such user exists!"
    exit 1
fi

# Test for password
if [ -z "$PASSWD" ]; then
    usage
    exit 1
fi

# Run the usermod command
if usermod -p `echo "print crypt('$PASSWD', 'RH');" | perl` $NAME; then
    # Change password with /etc/smbpasswd
    echo "$PASSWD" > /etc/smbpwd
    echo "$PASSWD" >> /etc/smbpwd
    smbpasswd -s $NAME < /etc/smbpwd
    rm -f /etc/smbpwd
    echo " "
    echo "Success!"
    echo "Changed the user: $NAME"
    echo "To password:      $PASSWD"
    echo " "
else
   echo " "
   echo "Oops, something went wrong!"
   echo " "
fi

</PRE>
<H3>RPM packages</H3>
<PRE>
Get these packages and install all three
samba-2.0.7-4.i386.rpm
samba-client-2.0.7-4.i386.rpm
samba-common-2.0.7-4.i386.rpm
 (probably don't need samba-client though..except for development)
</PRE>
<H3>Configuration</H3>
<PRE>
Generate a config file. (/etc/smb.conf)

# Samba config file created using LON-CAPA system
# Date: 2000/09/16 20:15:55

# Global parameters
[global]
    workgroup = LONCAPA_{{{{[lonDefDomain]}}}}
    netbios name = {{{{[lonHostID]}}}}
    server string = Samba Server
    encrypt passwords = Yes
    log file = /var/log/samba/log.%m
    max log size = 0
    socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
    dns proxy = No

[homes]
    comment = Home Directories
    writeable = Yes
    browseable = No
</PRE>

<H3>Synchronizing passwords, quick fix</H3>
<PRE>
Run these commands to sync the passwords.
cat /etc/passwd | mksmbpasswd.sh > /etc/smbpasswd
and run, per-user this command (for the users you want active)
smbpasswd johndoe88 (but then you have to type in the passwords)
(this refers to Step #0, the whole password issue)
</PRE>

<H3>Process control</H3>
<PRE>
Run /etc/rc.d/init.d/smb restart
Run /etc/rc.d/init.d/inet restart
</PRE>

<H3>Notes</H3>
<PRE>
Be patient.  In 10 minutes or so, Network Neighborhood
will do its poorly designed Bill-Gates rhumba and realize your
computer is indeed samba-ing on the network.
</PRE>
</P>
</BODY>
</HTML>