[389-users] 389-DSGW and userPassword / sambaNTPassword / sambaLMPassword synchronization

[Alexandr Popov]

Hey, Rich!

I've written a patch for DSGW. This patch allows to change "userpassword"
and "sambantpassword" synchronously when users change their passwords in
DSGW.

Where should I learn how to make this patch available for community feedback
and usage?


2011/7/5 Rich Megginson <rmeggins at redhat.com>

> **
> On 07/05/2011 07:02 AM, Alexandr Popov wrote:
>
> Hello!
>
> I've got a directory server and DSGW running.
>
> Mail server, openvpn server and samba share use ldap authentication against
> this directory server. Users change their passwords in DSGW.
>
> The mailserver and openvpn use SSHA hash in "userpassword" field, but samba
> uses NT hash and LM hash in "sambantpassword" and "sambalmpassword" fields
> accordingly.
>
> How can I make "userpassword" , "sambantpassword" and "sambalmpassword"
> fields change synchronously when users change their passwords in DSGW?
>
> As I can understand, there is no already written 389-DS-plugin for synchronizing
> these fields.
> Moreover, it seems to me that such issues as mine are often solved on the
> ldap clients:
>    http://web.archiveorange.com/archive/v/I3m7YImbRJ3Dj9WoXlCz
> Am I right?
>
> So should I change domodify.c<http://git.fedorahosted.org/git?p=389/dsgw.git;a=blob;f=domodify.c;h=5a3719276e3283e80415a884998e5281e066a8c1;hb=refs/tags/389-dsgw-1.1.7>which is responsible for password change in DSGW? Does it seem to be useful
> for Community?
>
> Looking forward to your prompt repy.
>
> Patches welcome.
>
> Or you could use IPA instead - IPA provides a plugin that keeps all of your
> passwords in sync - userPassword, and Samba and Kerberos passwords.
>
>
> Best regards,
> Alex Popov.
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20110718/c42e1ff2/attachment.html>