smbpasswd(5) may fail for non-root users after upgrading Samba to version 4.x (Doc ID 2263891.1)

Last updated on MAY 10, 2017

Applies to:

Solaris Operating System - Version 10 3/05 to 11.3 [Release 10.0 to 11.0]
Information in this document applies to any platform.

Symptoms

After upgrading Samba to version 4.x by e.g

the smbpasswd(5) and similar commands may fail and display the message "... can only be used as root", when getting run
in a pfexec(1) shell by a non-root user for that prof_attr(4) and exec_attr(4) have become configured for delegating
such administrative permissions to that non-root user.

In this example, the user "sambaadm" does use a profile with the name "Samba Password Manager" that does grant
root-permissions to this user for executing the command /usr/bin/smbpasswd. Executing the smbpasswd(5) command
in a pfexec(1) shell as that user fails, and does display the message "smbpasswd -L can only be used by root.":

 

Changes

The Samba service in the system was upgraded from Samba version 3.x to Samba version 4.x

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms