[389-users] 389-DSGW and userPassword / sambaNTPassword / sambaLMPassword synchronization
Rich Megginson
rmeggins at redhat.com
Tue Jul 5 14:43:36 UTC 2011
On 07/05/2011 07:02 AM, Alexandr Popov wrote:
> Hello!
>
> I've got a directory server and DSGW running.
>
> Mail server, openvpn server and samba share use ldap authentication
> against this directory server. Users change their passwords in DSGW.
>
> The mailserver and openvpn use SSHA hash in "userpassword" field, but
> samba uses NT hash and LM hash in "sambantpassword" and
> "sambalmpassword" fields accordingly.
>
> How can I make "userpassword" , "sambantpassword" and
> "sambalmpassword" fields change synchronously when users change their
> passwords in DSGW?
>
> As I can understand, there is no already written 389-DS-plugin for
> synchronizing these fields.
> Moreover, it seems to me that such issues as mine are often solved on
> the ldap clients:
> http://web.archiveorange.com/archive/v/I3m7YImbRJ3Dj9WoXlCz
> Am I right?
>
> So should I change domodify.c
> <http://git.fedorahosted.org/git?p=389/dsgw.git;a=blob;f=domodify.c;h=5a3719276e3283e80415a884998e5281e066a8c1;hb=refs/tags/389-dsgw-1.1.7>
> which is responsible for password change in DSGW? Does it seem to be
> useful for Community?
>
> Looking forward to your prompt repy.
Patches welcome.
Or you could use IPA instead - IPA provides a plugin that keeps all of
your passwords in sync - userPassword, and Samba and Kerberos passwords.
>
> Best regards,
> Alex Popov.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20110705/a3ddbf4b/attachment.html>
More information about the 389-users
mailing list