[389-users] Synchronizing passwords
Juan Asensio Sánchez
okelet at gmail.com
Mon Jun 21 13:33:36 UTC 2010
Emmm, well, this makes samba update userPassword when changing the password
from Windows. But if i change the password from Linux, samba passwords are
not updated, because linux machines are autheticating directly with LDAP,
not with Samba (just userPassword).
I have found this message (in 2006), about the same, but without concrete
solution.
http://www.redhat.com/archives/fedora-directory-devel/2006-May/msg00000.html
Regards.
El 21 de junio de 2010 14:19, Miguel Medalha <miguelmedalha at sapo.pt>escribió:
>
> Is 389DS able to compute sambaLMPassword and sambaNTPassword automatically
>> when userPassword is updated? Is there any pugin? If not, which plugin is
>> the best to take as base to do this?
>>
>
> There is a parameter in smb.conf:
>
> "ldap passwd sync = Yes"
>
> Doesn't it work for you?
>
> Or maybe you are referring to
>
> "ldap passwd sync = Only"
>
>
> From the smb.conf man page:
>
> -----------------------
> ldap passwd sync (G)
> This option is used to define whether or not Samba should sync the LDAP
> password with the NT and LM hashes for normal accounts (NOT for workstation,
> server or domain trusts) on a password change via SAMBA.
>
> The ldap passwd sync can be set to one of three values:
>
> Yes = Try to update the LDAP, NT and LM passwords and update the pwdLastSet
> time.
>
> No = Update NT and LM passwords and update the pwdLastSet time.
>
> Only = Only update the LDAP password and let the LDAP server do the rest.
>
> Default: ldap passwd sync = no
> -----------------------
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20100621/175adf9c/attachment.html>
More information about the 389-users
mailing list