[prev in list] [next in list] [prev in thread] [next in thread] 

List:       netatalk
Subject:    Re: Password change=lockout
From:       Benjamin Gilbert <i479 () prism ! simplenet ! com>
Date:       2000-01-24 18:36:41
[Download RAW message or body]

>>> After three of my four users have changed their passwords in the past
>>> few days, they can no longer mount shares via netatalk.  They can connect
>>> fine with telnet, FTP, samba, etc., just not netatalk.  Is there some cache
>>> I need to flush or some such?
>> If, however, you're using cleartext passwords: if your /etc/passwd (or
>> /etc/shadow) is set up to store more than the first 8 characters of
>> passwords (using MD5 encryption or somesuch), be aware that AppleShare
>> authentication (excluding the new DHX UAM, I believe) doesn't support
>> passwords longer than 8 characters.
>The AppleTalk dialog does say we're using cleartext, and I have tried
>setting the users' passwords to long (9+) and short (8 or less) values, but
>nothing seems to work for any user who has changed his password recently.  I
>am hesitant to change my own at this point.

Are you using PAM?  Is netatalk compiled with PAM support?  Do the 
pam_pwdb settings in /etc/pam.d/login match those in /etc/pam.d/netatalk?

Oh, and --
>I am running Netatalk 1.4b on RedHat 6.1 with MacOS 9 clients.  We've had
Do you mean netatalk+asun, or really netatalk 1.4b2?  If you're not using 
the asun patches, netatalk doesn't support PAM and won't be able to read 
MD5 passwords in /etc/shadow.  You might want to upgrade your netatalk...
<ftp://ftp.cobaltnet.com/pub/users/asun/testing/pre-asun2.1.4-37b.tar.gz>

--Benjamin Gilbert

[prev in list] [next in list] [prev in thread] [next in thread]