[389-users] 389-DSGW and userPassword / sambaNTPassword / sambaLMPassword synchronization
rmeggins at redhat.com
Mon Jul 18 12:45:42 UTC 2011
On 07/17/2011 03:32 PM, Alexandr Popov wrote:
> Hey, Rich!
> I've written a patch for DSGW. This patch allows to change
> "userpassword" and "sambantpassword" synchronously when users change
> their passwords in DSGW.
> Where should I learn how to make this patch available for community
> feedback and usage?
Open a bugzilla at https://bugzilla.redhat.com/enter_bug.cgi?product=389
Attach the patch to the bug as an attachment
Post the link to the bug to the users list for review
> 2011/7/5 Rich Megginson <rmeggins at redhat.com <mailto:rmeggins at redhat.com>>
> On 07/05/2011 07:02 AM, Alexandr Popov wrote:
>> I've got a directory server and DSGW running.
>> Mail server, openvpn server and samba share use ldap
>> authentication against this directory server. Users change their
>> passwords in DSGW.
>> The mailserver and openvpn use SSHA hash in "userpassword" field,
>> but samba uses NT hash and LM hash in "sambantpassword" and
>> "sambalmpassword" fields accordingly.
>> How can I make "userpassword" , "sambantpassword" and
>> "sambalmpassword" fields change synchronously when users change
>> their passwords in DSGW?
>> As I can understand, there is no already written 389-DS-plugin
>> for synchronizing these fields.
>> Moreover, it seems to me that such issues as mine are often
>> solved on the ldap clients:
>> Am I right?
>> So should I change domodify.c
>> which is responsible for password change in DSGW? Does it seem to
>> be useful for Community?
>> Looking forward to your prompt repy.
> Patches welcome.
> Or you could use IPA instead - IPA provides a plugin that keeps
> all of your passwords in sync - userPassword, and Samba and
> Kerberos passwords.
>> Best regards,
>> Alex Popov.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the 389-users