Mailing Lists: Apple Mailing Lists
Image of Mac OS face in stamp
 
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Quick way to migrate 500 users to Password Server or tim for SMB authentication?

I know this has been discussed before, but I have 500 users with Netinfo (crypt-style) passwords that I want to now have authenticated by Password Server so that they can use Samba services. I have (somewhere secure, I hope) a database of their passwords in cleartext, also.

Is there a niutil-type command line for entering these passwords if I switch their authentication method to Password Server? I assume I can do this using niload. If it is going to require manual entering of passwords, I will wait until next summer if I do it at all. Has anyone successfully dealt with this issue? Seems like there will be a lot of admins having to go this route. I've been scared off using Password Server right now by reading some newsgroup postings, so...

Looking around, I find that the 10.2.3 Admin Guide pages 617ff have some mention of using the Authentication Manager with Netinfo ("tim passwords") for authenticating from SMB clients. Will this work with NT-Lan Manager encrypted passwords?

If you follow the instructions on pages 617, it shows how to reset the root tim passwords on various Netinfo domains:

sudo NeST -settimpassword <domain_tag> root <rootpassword> <rootpassword>

Will this command also work with regular users as well as root (assuming they are in the correct Netinfo domain), instead of making users reset their own passwords? The documentation says that after setting up Authenitcation Manager, "each password change made to a user account will generate an Authentication Manager password for the user." I don't want to have to force all my users (or me) to change their passwords.

By the way, what does the abbreviation "tim" stand for?

And it would be nice of Apple to document NeST with a manpage or a PDF.

Peter Zingg
Technology Coordinator
Kentfield School District
699 Sir Francis Drake Blvd.
Kentfield, CA 94904
email@hidden
_______________________________________________
macos-x-server mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/macos-x-server
Do not post admin requests to the list. They will be ignored.


Visit the Apple Store online or at retail locations.
1-800-MY-APPLE

Contact Apple | Terms of Use | Privacy Policy

Copyright © 2007 Apple Inc. All rights reserved.