将 samba 用户与 debian 用户同步

将 samba 用户与 debian 用户同步

我有一台运行 Debian 9 的机器,其中安装了 samba。我正在尝试将 debian 用户凭据与 samba 用户凭据同步。

我的 smb.conf 是这样的:

[global] 
  workgroup = WORKGROUP
  server string = Samba Server %v 
  netbios name = debian 
  security = user 
  dns proxy = no
  log level = 3
  server role = standalone server 
  passdb backend = tdbsam
  obey pam restrictions = yes
  unix password sync = yes
  passwd program = /usr/bin/passwd %u
  passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
  pam password change = yes
  map to guest = bad user

[UserAuthRequired]
  comment = User authentication required
  path = /mnt/ExternalDisk1Master/AuthRequiredFolder
  valid users = @samba_users
  force group = samba_users
  create mask = 0660
  directory mask = 0771
  writable = yes

使用此配置,如果我在 Linux 上更改用户密码,samba 凭据将无法正确同步(samba 继续使用旧密码)。有人可以给我提示吗?

干杯!

答案1

我知道这个问题已经存在一年多了,但我觉得它值得回答。unix 密码同步设置需要仔细阅读文档。它允许更改 SMB 密码以更新 UNIX 密码。

根据

配置文件

   unix password sync (G)

       This boolean parameter controls whether Samba attempts to synchronize the
       UNIX password with the SMB password when the encrypted SMB password in
       the smbpasswd file is changed. If this is set to yes the program
       specified in the passwd program parameter is called AS ROOT - to allow
       the new UNIX password to be set without access to the old UNIX password
       (as the SMB password change code has no access to the old password
       cleartext, only the new).

       This option has no effect if samba is running as an active directory
       domain controller, in that case have a look at the password hash gpg key
       ids option and the samba-tool user syncpasswords command.

       Default: unix password sync = no

请注意,这指的是 smbpasswd 文件被更改,而不是相反。

如果您能找到一种方法来让它反向工作,或者更好的是,在没有 Samba 用户的情况下工作,请告诉我们。

相关内容