How to SYNC Linux and Samba user password

In order to sync Linux user password and Samba user password, you have to configure PAM. Personally I’m using SLES9 for my testing environment and I have to configure /etc/pam.d/passwd and /etc/pam.d/sshd as following:

password required pam_smbpass.so nullok try_first_pass use_authtok

How to test?
Create a new user called testing
#useradd -m testing

Setup default password
#passwd testing

Create a new samba user
#smbpasswd -a testing
#New SMB password:
#Retype new SMB password:

Configure password expire for user testing
#passwd -e testing

Login as user testing and you should be able to enter new password.

How to check whether Linux and Samba password are sync?

Make sure both file having the same date & time
#ls -l /etc/shadow
#ls -l /etc/samba/smbpasswd

Test Linux login
#SSH to my machine with user testing and new password
Read more

Possibly Related Posts:

• Google Public DNS Down?
• lppasswd: Unable to open passwd file: Permission denied
• Missing /var/log/lastlog
• Telnet service_limit error
• Google accounts on Twitter

How to Configure SLES Linux to track and log failed login attempt records

Did you know how to lock user account after too many login failures?  Under Linux, you can enable this functionality using PAM and faillog.

To provide the account locking functionality, we need to add a PAM module called pam_tally. Basically I’ll show you ‘how to configure track and log failed login attempt records on a SLES Linux host‘ and how to prevent a potential denial of service attack from the repeated locking of user accounts. Beware!

You can use faillog command to display faillog records or set login failure limits. Faillog formats the contents of the failure log from /var/log/faillog database log file. If you don’t have /var/log/faillog, initially you can type: touch /var/log/faillog

For PAM Configuration, pam_tally.so module maintains a count of attempted accesses, can reset count on success, can deny access if too many attempts fail. Probably you may refer to http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/sag-pam_tally.html

For SuSE Linux, edit /etc/pam.d/sshd and add:


auth required pam_tally.so no_magic_root
account required pam_tally.so deny=5 no_magic_root lock_time=180 onerr=fail reset per_user


Read more

Possibly Related Posts:

• Google Public DNS Down?
• lppasswd: Unable to open passwd file: Permission denied
• Missing /var/log/lastlog
• Telnet service_limit error
• Google accounts on Twitter

Planet Malaysia on Facebook

• Categories

  • Advertisement
  • Aggregates
  • amulets
  • Announcement
  • Blog
  • Blogroll
  • Contacts
  • Events
  • How's To
  • ISP
  • Make Money
  • Microsoft
  • News
  • Open Source
  • Personal
  • Politics
  • Poll
  • Religion
  • SEO
  • Soccer
  • Tips
  • Training
  • Uncategorized
  • VMware
  • Web 2.0
  • Windows

• Recent Posts

  • 2009 Metrics
  • Google Public DNS Down?
  • 2009 Year-End Google Zeitgeist Malaysia
  • Google Business Drop OR Google AdWords Promotion?
  • lppasswd: Unable to open passwd file: Permission denied
  • Missing /var/log/lastlog
  • Leklai
  • Shakyamuni Relics
  • Happy Deepavali 2009
  • Selamat Hari Raya 2009

• Archives

  • December 2009
  • November 2009
  • October 2009
  • September 2009
  • August 2009
  • July 2009
  • June 2009
  • May 2009
  • April 2009
  • March 2009
  • February 2009
  • January 2009
  • December 2008
  • November 2008
  • October 2008
  • September 2008
  • August 2008
  • July 2008
  • June 2008
  • May 2008
  • April 2008
  • March 2008
  • February 2008
  • January 2008
  • December 2007
  • November 2007
  • October 2007
  • September 2007
  • August 2007
  • July 2007
  • June 2007
  • May 2007
  • April 2007
  • March 2007
  • February 2007
  • January 2007
  • December 2006
  • November 2006
  • October 2006
  • September 2006
  • August 2006
  • July 2006
  • June 2006
  • May 2006
  • April 2006
  • March 2006
  • February 2006