Using Samba with Windows NT 4.0 and Windows 2000

The Microsoft SMB Protocol originally used plaintext passwords. However, Windows 2000 and Windows NT 4.0 with Service Pack 3 or higher require encrypted Samba passwords. To use Samba between a Red Hat Linux system and a system with Windows 2000 or Windows NT 4.0 Service Pack 3 or higher, you can either edit your Windows registry to use plaintext passwords or configure Samba on your Linux system to use encrypted passwords. If you choose to modify your registry, you must do so for all your Windows NT or 2000 machines — this is risky and may cause further conflicts.

To configure Samba on your Red Hat Linux system to use encrypted passwords, follow these steps:

  1. Create a separate password file for Samba. To create one based on your existing /etc/passwd file, at a shell prompt, type the following command:
    cat /etc/passwd | > /etc/samba/smbpasswd
    The script is installed in your /usr/bin directory with the samba package.

  2. Use the command chmod 600 /etc/samba/smbpasswd to change permissions on the Samba password file so that only root has read and write permissions.

  3. The script does not copy user passwords to the new file. To set each Samba user's password, use the command smbpasswd username (replace username with each user's username). A Samba user account will not be active until a Samba password is set for it.

  4. The next step is to enable encrypted passwords in the Samba configuration file. In the file smb.conf, uncomment the following lines:
    encrypt password = yes
    smb passwd file = /etc/samba/smbpasswd

  5. To have the changes take effect, restart Samba by typing the command service smb restart at a shell prompt.

TipAdditional Information

To read more about Using Samba with Windows NT 4.0 and Windows 2000, read ENCRYPTION.txt, Win95.txt, and WinNT.txt in the directory /usr/share/doc/samba-version-number/docs/textdocs/ (replace version-number with the version-number of Samba that you have installed).