我有一台运行 Debian 9 的机器,其中安装了 samba。我正在尝试将 debian 用户凭据与 samba 用户凭据同步。
我的 smb.conf 是这样的:
[global]
workgroup = WORKGROUP
server string = Samba Server %v
netbios name = debian
security = user
dns proxy = no
log level = 3
server role = standalone server
passdb backend = tdbsam
obey pam restrictions = yes
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
pam password change = yes
map to guest = bad user
[UserAuthRequired]
comment = User authentication required
path = /mnt/ExternalDisk1Master/AuthRequiredFolder
valid users = @samba_users
force group = samba_users
create mask = 0660
directory mask = 0771
writable = yes
使用此配置,如果我在 Linux 上更改用户密码,samba 凭据将无法正确同步(samba 继续使用旧密码)。有人可以给我提示吗?
干杯!
答案1
我知道这个问题已经存在一年多了,但我觉得它值得回答。unix 密码同步设置需要仔细阅读文档。它允许更改 SMB 密码以更新 UNIX 密码。
根据
配置文件
unix password sync (G)
This boolean parameter controls whether Samba attempts to synchronize the
UNIX password with the SMB password when the encrypted SMB password in
the smbpasswd file is changed. If this is set to yes the program
specified in the passwd program parameter is called AS ROOT - to allow
the new UNIX password to be set without access to the old UNIX password
(as the SMB password change code has no access to the old password
cleartext, only the new).
This option has no effect if samba is running as an active directory
domain controller, in that case have a look at the password hash gpg key
ids option and the samba-tool user syncpasswords command.
Default: unix password sync = no
请注意,这指的是 smbpasswd 文件被更改,而不是相反。
如果您能找到一种方法来让它反向工作,或者更好的是,在没有 Samba 用户的情况下工作,请告诉我们。