[389-users] 389-DSGW and userPassword / sambaNTPassword / sambaLMPassword synchronization
Rich Megginson
rmeggins at redhat.com
Mon Jul 18 12:45:42 UTC 2011
On 07/17/2011 03:32 PM, Alexandr Popov wrote:
> Hey, Rich!
>
> I've written a patch for DSGW. This patch allows to change
> "userpassword" and "sambantpassword" synchronously when users change
> their passwords in DSGW.
>
> Where should I learn how to make this patch available for community
> feedback and usage?
Open a bugzilla at https://bugzilla.redhat.com/enter_bug.cgi?product=389
Attach the patch to the bug as an attachment
Post the link to the bug to the users list for review
>
>
> 2011/7/5 Rich Megginson <rmeggins at redhat.com <mailto:rmeggins at redhat.com>>
>
> On 07/05/2011 07:02 AM, Alexandr Popov wrote:
>> Hello!
>>
>> I've got a directory server and DSGW running.
>>
>> Mail server, openvpn server and samba share use ldap
>> authentication against this directory server. Users change their
>> passwords in DSGW.
>>
>> The mailserver and openvpn use SSHA hash in "userpassword" field,
>> but samba uses NT hash and LM hash in "sambantpassword" and
>> "sambalmpassword" fields accordingly.
>>
>> How can I make "userpassword" , "sambantpassword" and
>> "sambalmpassword" fields change synchronously when users change
>> their passwords in DSGW?
>>
>> As I can understand, there is no already written 389-DS-plugin
>> for synchronizing these fields.
>> Moreover, it seems to me that such issues as mine are often
>> solved on the ldap clients:
>> http://web.archiveorange.com/archive/v/I3m7YImbRJ3Dj9WoXlCz
>> Am I right?
>>
>> So should I change domodify.c
>> <http://git.fedorahosted.org/git?p=389/dsgw.git;a=blob;f=domodify.c;h=5a3719276e3283e80415a884998e5281e066a8c1;hb=refs/tags/389-dsgw-1.1.7>
>> which is responsible for password change in DSGW? Does it seem to
>> be useful for Community?
>>
>> Looking forward to your prompt repy.
> Patches welcome.
>
> Or you could use IPA instead - IPA provides a plugin that keeps
> all of your passwords in sync - userPassword, and Samba and
> Kerberos passwords.
>>
>> Best regards,
>> Alex Popov.
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20110718/ad3e51e0/attachment.html>
More information about the 389-users
mailing list