A script to add multiple SMB users with Windows access

Dec 22, '03 09:47:00AM

Contributed by: seann

Sometimes it can be hard to add 140 users to the command line. So you write scripts for that. It's even more pesky to allow them all to login from Windows.

I ran accross a script which would generate the hash files, however, on OS X 10.2 Server, it would not let me log in from Windows still. The following script fixes that.

Read the rest of the article for the script...


#!/usr/bin/perl -w

use Term::ReadKey;
use Crypt::SmbHash;

if (@ARGV<1)
{
print "Error\nUsage: smbpasswd name password\n";
exit 1;
}
$username = $ARGV[0];
$password = $ARGV[1];
print "Adding or Creating the Password for $username\n";

# encrypt the new password
$password =~ /(.*)/;
#$salt = join '', ('.', '/', 0..9, 'A'..'Z', 'a'..'z')[rand 64, rand 64];
#$cpw = crypt($1, $salt);
$ENV{'PATH'} = '/bin:/usr/bin';

# Lets create the windows password hash
($lanManagePasword, $ntPassword) = ntlmgen $password;
$smbHashfile = "/private/var/db/samba/hash/" . $username;

delete $ENV{ENV};
delete $ENV{IFS};
delete $ENV{CDPATH};
delete $ENV{BASH_ENV};

# THE FOLLOWING IF STATEMENT SHOULD BE ONE LINE NOT TWO! #
# IT WAS BROKEN HERE FOR EASIER READABILITY ON THE WEB   #
if (system("/usr/bin/niutil", "-insertval", "/", "/users/$username", 
  "authentication_authority", ";basic;", "1") != 0)
{
print "Authentication values not added!  Failure at Insert Val 1\n";
exit 1;
}

# THE FOLLOWING IF STATEMENT SHOULD BE ONE LINE NOT TWO! #
# IT WAS BROKEN HERE FOR EASIER READABILITY ON THE WEB   #
if (system("/usr/bin/niutil", "-insertval", "/", "/users/$username", 
  "authentication_authority", ";LocalWindowsHash;", "2") != 0)
{
print "Authentication values not added! Failure at Insert Val 2\n";
exit 1;
}

# Check to see if the file already exists
if (stat($smbHashfile) ne NULL)
{
open(HASHFILE, ">" . $smbHashfile);
$newPasswordHash = $lanManagePasword . $ntPassword;
print HASHFILE $newPasswordHash;
close HASHFILE;
}
Hopefully this saves someone some time in the future...

Comments (4)


Mac OS X Hints
http://hints.macworld.com/article.php?story=20031213005841533