How do we easily add user and password for samba server in Yast?

I always have to add user and password in CLI, how to do it in Yast?

OS: openSUSE Leap 42.1
Desktop: Gnome
CPU: i5-4460
RAM: Kingston 4G 1333

Yast -Security and users - User and group management. to add user

Can do it from GUI or command line yast

Yast-Network services - Samba server to add user to samba

I didn’t see the place to add username and password in Yast-Network services - Samba server

You are quite correct there does not appear to be an option in YaST to set Samba users and password, at least I’ve not found one.

Stuart

Is a combo of add user to system and allow groups or user to certain areas. In addition directories are set to share and by which group or users by right click - properties and share. So it is just not one place.

I think the confusion comes from KDE4 where you had a Samba setup application where you assigned shares AND set up the users with their Samba password, on my Leap system I set the Samba password using smbpasswd command in the cli. I had expected something similar in YaST but there seems to be no up to date documentation (that I’ve found so far) which explains what is needed in Leap.

Stuart

I learned a new command for samba, it is pdbedit.
Is it any different to smbpasswd?

I think pdbedit is much more powerful than smbpasswd which is just used to set a Samba password for a user.

I am starting to think that perhaps one does not need a separate Samba password because of the user/group set up in OpenSUSE Leap, if I understand the comments earlier it implies that any users would be able to access shares probably using their system login password and not a separate and potentially different Samba password. Can someone please confirm whether or not setting a Samba password is required for a user to be able to access Samba shares?

Stuart

You can do stuff in Yast (e.g. see earlier posts) but here’s a bit about Samba and stuff done from the command line and in the configuration file/s.

Some shares can be accessed by users without passwords. These are typically structured in individual “stanzas” in the file /etc/samba/smb.conf . A stanza in that file that is like this:

[ShareName]
path = /path_to/shared_directory
read only = no
guest ok = yes

It’s the “guest ok” line that makes it unnecessary to use a password.

But the default setup for Samba in Leap (and 13.x, 12,x, 11.x, 10.x) shares all the home directories in a secure fashion, so it is always necessary to add a user to the Samba user database if one wants to get into those shares.

If you want to see who is in the Samba password list, run this command in a root console:

pdbedit -L

The dialog looks like this:

hostname:~ # pdbedit -L
papa:1000:papa
ethel:1001:ethel
timothy:1002:timothy

In the above example someone had previously added all three users into the Samba user database.

If you want to add someone e.g. barack to the Samba password list, or change the password for an existing user, run this command in a root console:

smbpasswd -a barack

The dialog looks like this:

hostname:~ # smbpasswd -a barack
New SMB password: ######
Retype new SMB password: ######

To delete someone run this:

smbpasswd -x barack

Only Linux users (who already exist as Linux “users” in your Leap installation) can be added to the Samba user database.

Yes I do know how to do it all via the cli, I believe the OP was saying that there is no way in YaST to do this which is to me surprising as you acn do pretty much everything in YaST which you can do in the cli but from a GUI, except for setting Samba users and Samba passwords. I believe this is an oversight which should be corrected.

Stuart

Yes, it is what I mean, it should be able to be done in YaST.

It’s weird isn’t it. Maybe you should suggest for that to be fixed. If we don’t tell the developers what we want, they won’t know we want it.

(openFATE)

Or, is it simply that a lot of Samba installations use LDAP or Windows Domain Controllers to manage the user’s accounts and, that the Samba servers simply query the user’s account management servers?

I must admit that currently my Samba system is based on the “No-Frills” model but, I’m considering setting up a server to handle LDAP.

They sound so complicated.

Correct!
But, once they’ve been setup the need to use CLI commands to manage Samba users and their passwords disappears, due to the centralized user management database which Samba makes use of, if it exists.

The no frills version mentioned earlier accommodates the no-frills version of a server, whereby the entire filesystem of a Linux user is broadcast to each user on other computers, via the “profiles” link (similar to windows server). The broadcast filesystem of a user is invisible to other users. This functionality exists by default in Leap. Most people don’t know this because they don’t see their roaming profile until they are added to the Samba user database, then it reveals itself via the “profiles” link.

I have difficulty understanding why folk would have trouble opening a console window and typing in the words “sudo smbpasswd -a billybunter”. Digging around in Yast was for me quite a task when I was a new user in Linux, but typing that line was never a burden.

Well, it seems some people have CLI-phobia, a serious and unfounded fear of the command line … usually because they have not tried it much, if at all.

Most often, after they have used it a few times, they realize how much quicker, easier, and exact it is.:wink:

I wish I had a Pound (or 2 dollars) for everytime someone says this. The point here is that on every system I’ve used prior to opensuse there was a Samba settings gui which allowed ALL of the necessary settings to configure it in one place. Now this is NOT true in opensuse which in my view is an omission. For completeness it should be added. I do not have a fear of the CLI but a lot of people come from either other flavours of Linux or even better Windows and expect these things to be complete and for user friendlyness I can completely understand why this should be.

So please no more comments about CLI phobia.

Stuart

Why don’t you want the GUI application be complete, not lack of lots of stuff?
Don’t you want the YaST be powerful?

I would like to see that in YaST but it seems it’s not such a crucial feature or there is nobody to develop and maintain it :slight_smile: I can certainly live without it.