Um.. I think he's got his users set up now.
To do the password syncronisation stuff you need to look at these parameters in your smb.conf file :
# Use password server option only with security = server
# The argument list may include:
# password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]
# or to auto-locate the domain controller/s
# password server = *
; password server = <NT-Server-Name>
# Password Level allows matching of _n_ characters of the password for
# all combinations of upper and lower case.
; password level = 8
; username level = 8
# You may wish to use password encryption. Please read
# ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation.
# Do not enable this option unless you have read those documents
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
# The following are needed to allow password changing from Windows to
# update the Linux sytsem password also.
# NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above.
# NOTE2: You do NOT need these to allow workstations to change only
# the encrypted SMB passwords. They allow the Unix password
# to be kept in sync with the SMB password.
; unix password sync = Yes
; passwd program = /usr/bin/passwd %u
; passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*
Essentially you pass it the name of your primary domain controller, and tell your box what password program to use to change passwords on your local machine. Tell it to authenticate using domain, and um.. I think that's it.
Note: I don't do this. So my experience with it is limited - I don't trust my domain controllers and use my Linux box as the authoratitive user dump instead of my NT boxes.
If someone else with experience with this would like to jump in here, you'd be more than welcome.
Slick.