I think there might be some misunderstandings 
propagated here, so I will blurt out my understanding
of Samba passwd stuff to clarify things and hopefully 
someone will correct me if I am wrong.

Win* Domains and *NIX use two different algorithms
for encrypting password in a file. Samba can use
the standard /etc/passwd (and /etc/shadow if 
configured -- it uses what you got), but passwords
from Win* clients then have to be clear text (which
is bad). They do not have to be clear text if Samba
uses a 'smbpasswd' file (it can be wherever 'smb.conf'
says it is) and maintains the password separately 
using the different encryption algorithm. 

Samba contains some configuration options to 
synchronize passwords from the Win* client side, 
and it is relately easy to wrap 'passwd' on the *NIX
side. You can also just make Samba hand off
authenication to a Win* PDC, and in 2.2.* it can
be a PDC (but not a BDC, yet). It could act 
as a PDC before, but not very well.

Winbind is not used to make the smbpasswd 
obsolete, it is used to make it so you can add
a Samba server to your Win* network and not
have to add all your users to that box (and 
maintain the user list separately). Winbind (as
shallowly as I've read) will allow Samba to pass
off authentication to a Win* PDC and if 
authentication is successful it will create a new
user on the *NIX box if there is none. This is 
nice for NAS and other appliances that use 
Samba.

Please let me know if I am mistaken.

>>> jspinti at dart.dartdist.com 11/13/01 07:46AM >>>
|On 12 Nov 2001, Ben Lutgens wrote:
|> On Mon, 2001-11-12 at 15:26, Andy Zbikowski (Zibby) wrote:
|> > On Mon, 12 Nov 2001, Munir Nassar wrote:
|> > > unix password sync = yes
|> > > passwd program = /usr/bin/passwd
|>
|> > AFAIK, this is for operating samba as a domain controller, and
|only works
|> > when you change your password through windows. If you update your unix
|> > password, your samba password isn't updated.
|>
|> Correctamundo.
|
|But this does not make any sense, if i have a win95 workstation and i have
|a samba PDC then all the user accounts are in the smbpasswd file, why then
|would it then change the unix(linux) password without changing the
|smbpasswd file. Would that not cause quite a bit of confusion not to
|mention the hassle of having to change the password twice?
|
| -munir

No.  That is backwards.  If you change your *nix passwd, smbpasswd is not
kept in synch.  The two are independently maintained after their initial
creation.

I understand that winbind is supposed to keep you from needing a smbpasswd
file, but I haven't tried it yet.  It is in the latest samba release, but I
am still running the release before that.