[K12OSN] SMBLDAP - Requiring and facilitating password

Fri Nov 21 12:38:16 UTC 2008

Hmm, this is a little more complicated than I thought.

I came up with a simpler idea though.  Create a custom launcher (for
Gnome) that runs smbpasswd in a terminal.  Here it is, as text and as an
attachment:

[Desktop Entry]
Encoding=UTF-8
Version=1.0
Type=Application
Terminal=true
Icon[en_US]=/usr/share/pixmaps/password.png
Name[en_US]=Password
Exec=/usr/bin/smbpasswd
Comment[en_US]=Change your Samba password
Name=Password
Comment=Change your Samba password
Icon=/usr/share/pixmaps/password.png

If you want to provide some additional text for instructions, you can
make the launcher call myscript.sh instead of smbpasswd.  myscript.sh
would then be something like:

#!/bin/bash
echo "This utility will change your Linux and Windows password.  Please
answer the following questions"
/usr/bin/smbpasswd

-Rob

Rob Owens wrote:
> Last time I tried, "passwd" did not work.  "smbpasswd" did work, though.
>  Additionally, changing their password from a Windows machine supposedly
> works (but I didn't test that).
> 
> I don't know of a GUI for this.  You could probably write a quick one
> using zenity.  Zenity makes it really easy to create dialog boxes.
> Go to System, Help, and search for zenity.
> 
> I'll see if I can piece together a script tomorrow.  Don't hold your
> breath, though -- I'm not an expert.
> 
> -Rob
> 
> 
> Carl Keil wrote:
>> Rob,
>>
>> Thank you for your reply.
>> I think I'd be OK with just telling people they needed to do it.  If
>> someone cracks their account and messes around it'll be a learning
>> experience for them.
>>
>> I'm not clear on how ordinary users change their password in the SMBLDAP
>> scheme though.   Does "passwd" work?  Is there a GUI?  These people are
>> on clients, not the server.  And I want it to change the password in the
>> LDAP database.
>>
>> Thanks,
>>
>> ck
>>
>>
>>
>>> Date: Thu, 20 Nov 2008 07:53:14 -0500 From: Rob Owens
>>> <rob.owens at biochemfluidics.com> Subject: Re: SMBLDAP - Requiring and
>>> facilitating password change at first logon To: "Support list for open
>>> source software in schools." <k12osn at redhat.com> Message-ID:
>>> <49255DBA.8040308 at biochemfluidics.com> Content-Type: text/plain;
>>> charset="iso-8859-1" I don't know how to force that. But you could
>>> *tell* them to do it, and then run a script the next day that attempts
>>> to log in each student using the password that you assigned. If it's
>>> successful, it can then change/disable the password, or email you, or
>>> put their name on a list, or something. That way you'll know who
>>> didn't follow instructions. -Rob Carl Keil wrote:
>>>>> Hey,
>>>>>> I've gotten a SMBLDAP server going on Centos.  I think it works
>>>> really
>>>>> well through all the testing I've done.  I'm about to convert people
>>>>> over to using it.  What's the best way for making the kids change
>>>> the PW
>>>>> at first login (I didn't assign very good passwords when I set up the
>>>>> accounts and now I'm worrying about it.)  Is there a GUI way to do
>>>> this?
>>>>>> Is there a way in LDAP to keep a person in the DB but not let
>>>> them log
>>>>> into workstations?  Like to toggle some sort of "active" field in
>>>> the db?
>>>>>> Oh, BTW all the workstations are Ubuntu 8.04, I'm hoping that
>>>> simplifies
>>>>> things.
>>>>>> Thanks,
>>>>>> ck
>> __________
********************************************************

The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential and/or privileged
material. If you are not the addressee, any disclosure, reproduction,
copying, distribution, or other dissemination or use of this transmission in
error please notify the sender immediately and then delete this e-mail.
E-mail transmission cannot be guaranteed to be secure or error free as
information could be intercepted, corrupted lost, destroyed, arrive late or
incomplete, or contain viruses.
The sender therefore does not accept liability for any errors or omissions
in the contents of this message which arise as a result of e-mail
transmission. If verification is required please request a hard copy
version.

********************************************************
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Password.desktop
Type: application/x-desktop
Size: 329 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/k12osn/attachments/20081121/8fa1f725/attachment.bin>