[389-users] 389-DSGW and userPassword / sambaNTPassword / sambaLMPassword synchronization
Juan Carlos Camargo Carrillo
juancar at eprinsa.es
Wed Jul 6 05:36:58 UTC 2011
Can IPA use 389ds as a replication partner? The idea is to have IPA as
a source directory with all of its growing benefits (kerberos, pass
sync, windows sync with selected attributes) while keeping faithful to
389ds, simply because that's the solution we're all here for.
El mar, 05-07-2011 a las 08:43 -0600, Rich Megginson escribió:
> On 07/05/2011 07:02 AM, Alexandr Popov wrote:
>
> > Hello!
> >
> > I've got a directory server and DSGW running.
> >
> > Mail server, openvpn server and samba share use ldap authentication
> > against this directory server. Users change their passwords in DSGW.
> >
> > The mailserver and openvpn use SSHA hash in "userpassword" field,
> > but samba uses NT hash and LM hash in "sambantpassword" and
> > "sambalmpassword" fields accordingly.
> >
> > How can I make "userpassword" , "sambantpassword" and
> > "sambalmpassword" fields change synchronously when users change
> > their passwords in DSGW?
> >
> > As I can understand, there is no already written 389-DS-plugin for
> > synchronizing these fields.
> > Moreover, it seems to me that such issues as mine are often solved
> > on the ldap clients:
> > http://web.archiveorange.com/archive/v/I3m7YImbRJ3Dj9WoXlCz
> > Am I right?
> >
> > So should I change domodify.c which is responsible for password
> > change in DSGW? Does it seem to be useful for Community?
> >
> > Looking forward to your prompt repy.
>
> Patches welcome.
>
> Or you could use IPA instead - IPA provides a plugin that keeps all of
> your passwords in sync - userPassword, and Samba and Kerberos
> passwords.
>
> >
> > Best regards,
> > Alex Popov.
>
>
>
> --
> 389 users mailing list
> 389-users at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20110706/2d390b5b/attachment.html>
More information about the 389-users
mailing list