Welcome to Linux Knowledge Base and Tutorial
"The place where you learn linux"
Let The Music Play: Join EFF Today

 Create an AccountHome | Submit News | Your Account  

Tutorial Menu
Linux Tutorial Home
Table of Contents

· Introduction to Operating Systems
· Linux Basics
· Working with the System
· Shells and Utilities
· Editing Files
· Basic Administration
· The Operating System
· The X Windowing System
· The Computer Itself
· Networking
· System Monitoring
· Solving Problems
· Security
· Installing and Upgrading
· Linux and Windows

Man Pages
Linux Topics
Test Your Knowledge

Site Menu
Site Map
Copyright Info
Terms of Use
Privacy Info
Masthead / Impressum
Your Account

Private Messages

News Archive
Submit News
User Articles
Web Links


The Web

Who's Online
There are currently, 77 guest(s) and 0 member(s) that are online.

You are an Anonymous user. You can register for free by clicking here






       This tool is part of the  Samba suite.

       smbpasswd  is  the  Samba encrypted password file. It con­
       tains the username, Unix user id and the SMB hashed  pass­
       words of the user, as well as account flag information and
       the time the password was last changed. This  file  format
       has been evolving with Samba and has had several different
       formats in the past.


       The format of the smbpasswd file used by Samba 2.2 is very
       similar  to  the  familiar  Unix  passwd(5) file. It is an
       ASCII file containing one line for each user.  Each  field
       within  each  line  is separated from the next by a colon.
       Any entry beginning with '#'  is  ignored.  The  smbpasswd
       file contains the following information for each user:

       name   This  is  the  user  name.  It  must be a name that
              already exists in the standard UNIX passwd file.

       uid    This is the UNIX uid. It must match the  uid  field
              for the same user entry in the standard UNIX passwd
              file.  If this  does  not  match  then  Samba  will
              refuse  to  recognize  this smbpasswd file entry as
              being valid for a user.

       Lanman Password Hash
              This is the LANMAN hash  of  the  user's  password,
              encoded  as  32 hex digits. The LANMAN hash is cre­
              ated by DES encrypting a well known string with the
              user's  password  as  the DES key. This is the same
              password used by Windows 95/98 machines.  Note that
              this  password  hash  is  regarded as weak as it is
              vulnerable to dictionary attacks and if  two  users
              choose the same password this entry will be identi­
              cal (i.e. the password is not "salted" as the  UNIX
              password  is). If the user has a null password this
              field will contain the characters "NO PASSWORD"  as
              the  start  of the hex string. If the hex string is
              equal to 32 'X' characters then the user's  account
              is marked as disabled and the user will not be able
              to log onto the Samba server.

              WARNING !! Note that, due to the challenge-response
              nature  of  the  SMB/CIFS  authentication protocol,
              anyone with a knowledge of this password hash  will
              be able to impersonate the user on the network. For
              this reason these hashes are known  as  plain  text

              This  password  hash is considered more secure than
              the LANMAN Password Hash as it preserves  the  case
              of  the  password  and  uses  a much higher quality
              hashing algorithm.  However, it is still  the  case
              that  if  two  users  choose the same password this
              entry will be identical (i.e. the password  is  not
              "salted" as the UNIX password is).

              WARNING  !!.  Note  that,  due  to  the  challenge-
              response nature of the SMB/CIFS authentication pro­
              tocol,  anyone  with  a  knowledge of this password
              hash will be able to impersonate the  user  on  the
              network.  For this reason these hashes are known as
              plain text equivalents and must NOT be made  avail­
              able  to anyone but the root user. To protect these
              passwords the smbpasswd file is placed in a  direc­
              tory with read and traverse access only to the root
              user and the smbpasswd file itself must be  set  to
              be read/write only by root, with no other access.

       Account Flags
              This  section  contains  flags  that  describe  the
              attributes of the users account. In the  Samba  2.2
              release  this  field  is  bracketed  by '[' and ']'
              characters and is always 13  characters  in  length
              (including  the  '[' and ']' characters).  The con­
              tents of this field may be any of the characters.

              · U - This means this is a "User" account, i.e.  an
                ordinary  user.  Only  User and Workstation Trust
                accounts are currently supported in the smbpasswd

              · N  -  This means the account has no password (the
                passwords in the fields LANMAN Password Hash  and
                NT  Password  Hash  are  ignored). Note that this
                will only allow users to log on with no  password
                if  the   null  passwords parameter is set in the
                 config file.

              · D - This means the account  is  disabled  and  no
                SMB/CIFS logins will be allowed for this user.

              · W  -  This  means  this account is a "Workstation
                Trust" account. This kind of account is  used  in
                the  Samba  PDC  code  stream to allow Windows NT
                Workstations and Servers to join a Domain  hosted
                by a Samba PDC.

       Other  flags  may  be  added  as  the  code is extended in


       This man page is correct for  version  2.2  of  the  Samba


       smbpasswd(8) samba(7) and the Internet RFC1321 for details
       on the MD4 algorithm.


       The original Samba software  and  related  utilities  were
       created  by Andrew Tridgell. Samba is now developed by the
       Samba Team as an Open Source project similar  to  the  way
       the Linux kernel is developed.

       The  original  Samba  man pages were written by Karl Auer.
       The  man  page  sources  were  converted  to  YODL  format
       (another  excellent  piece of Open Source software, avail­
       able          at           ftp://ftp.icce.rug.nl/pub/unix/
       <URL:ftp://ftp.icce.rug.nl/pub/unix/>) and updated for the
       Samba 2.0 release by Jeremy  Allison.  The  conversion  to
       DocBook for Samba 2.2 was done by Gerald Carter

                         19 November 2002            SMBPASSWD(5)



Security Code
Security Code
Type Security Code

Don't have an account yet? You can create one. As a registered user you have some advantages like theme manager, comments configuration and post comments with your name.

Help if you can!

Amazon Wish List

Did You Know?
You can get all the latest Site and Linux news by checking out our news page.


Tell a Friend About Us

Bookmark and Share

Web site powered by PHP-Nuke

Is this information useful? At the very least you can help by spreading the word to your favorite newsgroups, mailing lists and forums.
All logos and trademarks in this site are property of their respective owner. The comments are property of their posters. Articles are the property of their respective owners. Unless otherwise stated in the body of the article, article content (C) 1994-2013 by James Mohr. All rights reserved. The stylized page/paper, as well as the terms "The Linux Tutorial", "The Linux Server Tutorial", "The Linux Knowledge Base and Tutorial" and "The place where you learn Linux" are service marks of James Mohr. All rights reserved.
The Linux Knowledge Base and Tutorial may contain links to sites on the Internet, which are owned and operated by third parties. The Linux Tutorial is not responsible for the content of any such third-party site. By viewing/utilizing this web site, you have agreed to our disclaimer, terms of use and privacy policy. Use of automated download software ("harvesters") such as wget, httrack, etc. causes the site to quickly exceed its bandwidth limitation and are therefore expressly prohibited. For more details on this, take a look here

PHP-Nuke Copyright © 2004 by Francisco Burzi. This is free software, and you may redistribute it under the GPL. PHP-Nuke comes with absolutely no warranty, for details, see the license.
Page Generation: 0.05 Seconds