smbpasswd(5) may fail for non-root users after upgrading Samba to version 4.x
(Doc ID 2263891.1)
Last updated on OCTOBER 10, 2019
Applies to:Solaris Operating System - Version 10 3/05 to 11.3 [Release 10.0 to 11.0]
Information in this document applies to any platform.
After upgrading Samba to version 4.x by e.g
- updating Solaris 11.3 to SRU 14.6 (or newer)
- or installing patch 119757-38 (or newer) on Solaris 10 (SPARC) or patch 119758-38 (or newer) on Solaris 10 (x86_64)
the smbpasswd(5) and similar commands may fail and display the message "... can only be used as root", when getting run
in a pfexec(1) shell by a non-root user for that prof_attr(4) and exec_attr(4) have become configured for delegating
such administrative permissions to that non-root user.
In this example, the user "sambaadm" does use a profile with the name "Samba Password Manager" that does grant
root-permissions to this user for executing the command /usr/bin/smbpasswd. Executing the smbpasswd(5) command
in a pfexec(1) shell as that user fails, and does display the message "smbpasswd -L can only be used by root.":
The Samba service in the system was upgraded from Samba version 3.x to Samba version 4.x
- Solaris 11.x: by updating the system to SRU 14.6 (or newer) for Solaris 11.3
- Solaris 10: by installing patch 119757-38 (SPARC) or 119758-38 (x86_64)
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document