I've been trying to solve this particular mystery
for months (hey, stop laughing!!!
:P), and I have finally succeeded (about 2 months ago). So now, I want to share my findings with you:
The "passwd chat" directive in smb.conf is very picky. The smb.conf manpage is misleading
when it comes to that particular directive! It had me going in circles for months!!!
Here's the full passwd chat manpage URL:
This manpage example is misleading:
Example: passwd chat = "*Enter OLD password*" %o\n "*Enter NEW password*" %n\n "*Reenter NEW password*" %n\n "*Password changed*"
In fact, it is just plain wrong
because SAMBA will treat those asterisks as literals
. I discovered that when I set the "passwd chat debug" setting to "yes" and "debug level" to its highest (100). The log file actually suggested the asterisks as being literal
parts of the chat.
Here's my old passwd chat setting (inspired by the manpage):
passwd chat = "*password*" %n\n "*password*" %n\n "*updated*"
It never worked, even though it is very general, as you can see. This updated setting, however, works fine, and as you can see it is very specific:
passwd chat = New*password: %n\n Retype*new*password: %n\n passwd:*all*authentication*tokens*updated*successfully
As you can see in the smb.conf manpage, the format used for the "default" setting of the chat, i.e.:
Default: passwd chat = *new*password* %n\n *new*password* %n\n *changed*
the asterisks will actually be interpreted the way they are supposed to be interpreted (i.e. wildcards), whereas in the example line (see the very first quoted example), the asterisks were interpreted as literals.
I am just hopeful that this helps someone out there struggling to get UNIX password synchronization going under SAMBA. Worked for me!!
Any comments are welcome (did I miss anything?).
P.S. I wasn't sure if this forum is appropriate for information like this (i.e. answers instead of questions), so if I made a boo-boo
please forgive me.