Scott Harrison
Last updated: 10/26/2000
This file describes issues associated with accessing a LON-CAPA machine through Samba. This allows Microsoft machines to mount portions of the LON-CAPA machine as file space (useful for an instructor).
Can we sync samba password file space mounting with a kerberos v4 system? The answer is yes-no-maybe so. It is doable via kerberos v5 only with Microsoft Windows 2000. Samba supports kerberos v4 but requires instructors et al to change their windows settings to send plaintext passwords over the net as opposed to encrypted passwords. Can we even sync samba password file space with unix password file space? ONLY if we script something that crypts both (assume a user has already been added, this script invokes both usermod and smbpasswd... similar to http://adis.on.ca/School-doc/Highschool-HOWTO-1-4.html) so I guess, if instructors want to have samba access be the same as pilot access, they must actually "sign-up" somehow everytime they change their pilot password :( #! /bin/bash # /sbin/newpasswd # # Change the password of an existing user: # newpasswd [name] [password] PATH=/bin:/sbin:/usr/bin:/usr/sbin NAME=$1 PASSWD=$2 # Define error message usage () { echo " " echo "Usage: newpasswd [name] [password]" echo " " } # Test for username if [ -z "$NAME" ]; then usage exit 1 fi # Test for existing user name if ! id $NAME > /dev/null 2>&1; then echo "No such user exists!" exit 1 fi # Test for password if [ -z "$PASSWD" ]; then usage exit 1 fi # Run the usermod command if usermod -p `echo "print crypt('$PASSWD', 'RH');" | perl` $NAME; then # Change password with /etc/smbpasswd echo "$PASSWD" > /etc/smbpwd echo "$PASSWD" >> /etc/smbpwd smbpasswd -s $NAME < /etc/smbpwd rm -f /etc/smbpwd echo " " echo "Success!" echo "Changed the user: $NAME" echo "To password: $PASSWD" echo " " else echo " " echo "Oops, something went wrong!" echo " " fi
Get these packages and install all three samba-2.0.7-4.i386.rpm samba-client-2.0.7-4.i386.rpm samba-common-2.0.7-4.i386.rpm (probably don't need samba-client though..except for development)
Generate a config file. (/etc/smb.conf) # Samba config file created using LON-CAPA system # Date: 2000/09/16 20:15:55 # Global parameters [global] workgroup = LONCAPA_{{{{[lonDefDomain]}}}} netbios name = {{{{[lonHostID]}}}} server string = Samba Server encrypt passwords = Yes log file = /var/log/samba/log.%m max log size = 0 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 dns proxy = No [homes] comment = Home Directories writeable = Yes browseable = No
Run these commands to sync the passwords. cat /etc/passwd | mksmbpasswd.sh > /etc/smbpasswd and run, per-user this command (for the users you want active) smbpasswd johndoe88 (but then you have to type in the passwords) (this refers to Step #0, the whole password issue)
Run /etc/rc.d/init.d/smb restart Run /etc/rc.d/init.d/inet restart
Be patient. In 10 minutes or so, Network Neighborhood will do its poorly designed Bill-Gates rhumba and realize your computer is indeed samba-ing on the network.