Bug 1795 - "smbpasswd -s -m" cannot change computer password
Summary: "smbpasswd -s -m" cannot change computer password
Status: RESOLVED LATER
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: smbclient (show other bugs)
Version: 3.0.7
Hardware: x86 Linux
: P3 minor
Target Milestone: none
Assignee: Jeremy Allison
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2004-09-19 00:45 UTC by Norman Meilick
Modified: 2006-04-20 07:57 UTC (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Norman Meilick 2004-09-19 00:45:19 UTC 
Until changes made in 3.0.6, one could change the password of a computer account 
using "smbpasswd -m host password". Now that support for giving the password in 
the command line was removed for some reason or other, this of course is no 
longer possible. Unfortunataly, using stdin for passwords does not work with 
computer accounts. E.g.

# smbpasswd -s -m hostname

fails with

Failed to set password for user hostname$.
Failed to modify password entry for user hostname$

without even asking for a password.
It does work for users, but when doing

# smbpasswd hostname$
secret[RETURN]
secret[RETURN]

instead, the workstation flag is changed to a user flag, requiring a 

# smbpasswd -e -m hostname

to fix.
So, apart from asking you to try and not change command line syntax from one 
minor version to another, it would be good if you treated a computer account the 
same as a user account in this regard, as there are quite valid reasons why one 
would need to set computer passwords to arbitrary values.
Comment 1 Gerald (Jerry) Carter (dead mail address) 2004-09-19 17:28:14 UTC 
(echo password; echo password) | smbpasswd -s -m machine
Comment 2 Norman Meilick 2004-09-19 22:24:16 UTC 
(In reply to comment #1)
> (echo password; echo password) | smbpasswd -s -m machine

Are you sure you actually tried in v3.0.7? I did, and all I get is:

# useradd machine$; smbpasswd -a -m machine
Added user machine$.
# (echo secret; echo secret) | smbpasswd -s -m machine
Failed to set password for user machine$.
Failed to modify password entry for user machine$

stdin does work for users, not for machine accounts. If I've missed something, 
please let me know. Thanks.
Comment 3 Gerald (Jerry) Carter (dead mail address) 2004-09-20 04:04:41 UTC 
Jeremy,  since you are the one who removed this beahvior, i'm 
going to let you deal with this.  I've already handled several 
reports relating to it on the mailing list.
Comment 4 Volker Lendecke 2004-09-21 01:46:58 UTC 
Just a quick question: What are you using this for? Machine passwords are set
upon account creation. They are usually not set manually. A machine changes it
itself.

Volker
Comment 5 Norman Meilick 2004-09-21 02:14:33 UTC 
(In reply to comment #4)
> Just a quick question: What are you using this for?

I know the mechanism behind machine accounts. We need this for cloning Windows 
installations (there's one image, computers are cloned during PXE on every start 
(self healing), machine accounts are set to random values on server and client, 
and then the actual OS starts; compared to other imaging systems like Ghost, 
there's no reboot or manually re-joining a domain necessary).
Comment 6 Gerald (Jerry) Carter (dead mail address) 2006-04-20 07:57:48 UTC 
maybe later.