A script to add multiple SMB users with Windows access
Dec 22, '03 09:47:00AM • Contributed by: seann
Dec 22, '03 09:47:00AM • Contributed by: seann
Sometimes it can be hard to add 140 users to the command line. So you write scripts for that. It's even more pesky to allow them all to login from Windows.
I ran accross a script which would generate the hash files, however, on OS X 10.2 Server, it would not let me log in from Windows still. The following script fixes that.
Read the rest of the article for the script...
I ran accross a script which would generate the hash files, however, on OS X 10.2 Server, it would not let me log in from Windows still. The following script fixes that.
Read the rest of the article for the script...
#!/usr/bin/perl -w
use Term::ReadKey;
use Crypt::SmbHash;
if (@ARGV<1)
{
print "Error\nUsage: smbpasswd name password\n";
exit 1;
}
$username = $ARGV[0];
$password = $ARGV[1];
print "Adding or Creating the Password for $username\n";
# encrypt the new password
$password =~ /(.*)/;
#$salt = join '', ('.', '/', 0..9, 'A'..'Z', 'a'..'z')[rand 64, rand 64];
#$cpw = crypt($1, $salt);
$ENV{'PATH'} = '/bin:/usr/bin';
# Lets create the windows password hash
($lanManagePasword, $ntPassword) = ntlmgen $password;
$smbHashfile = "/private/var/db/samba/hash/" . $username;
delete $ENV{ENV};
delete $ENV{IFS};
delete $ENV{CDPATH};
delete $ENV{BASH_ENV};
# THE FOLLOWING IF STATEMENT SHOULD BE ONE LINE NOT TWO! #
# IT WAS BROKEN HERE FOR EASIER READABILITY ON THE WEB #
if (system("/usr/bin/niutil", "-insertval", "/", "/users/$username",
"authentication_authority", ";basic;", "1") != 0)
{
print "Authentication values not added! Failure at Insert Val 1\n";
exit 1;
}
# THE FOLLOWING IF STATEMENT SHOULD BE ONE LINE NOT TWO! #
# IT WAS BROKEN HERE FOR EASIER READABILITY ON THE WEB #
if (system("/usr/bin/niutil", "-insertval", "/", "/users/$username",
"authentication_authority", ";LocalWindowsHash;", "2") != 0)
{
print "Authentication values not added! Failure at Insert Val 2\n";
exit 1;
}
# Check to see if the file already exists
if (stat($smbHashfile) ne NULL)
{
open(HASHFILE, ">" . $smbHashfile);
$newPasswordHash = $lanManagePasword . $ntPassword;
print HASHFILE $newPasswordHash;
close HASHFILE;
}
Hopefully this saves someone some time in the future...
•
[10,538 views]
