Password Sync

Peter Samuelson peter at
Wed Jun 28 18:53:20 GMT 2000

[Elrond <elrond at>]
> Oh. Can you ask Lars to include a link on his pages to your stuff? (I
> don't know, if he has some "related stuff"-page on his
> pages... didn't look there for a long time.)

I don't know that I have all *that* much stuff and it's certainly not
organized to the point of being possible to navigate ... if and when I
improve matters I'll probably ask for a little "official recognition".

> Well, if the first pam module succeeds in changing a password, that
> later is sufficient to authenticates to again change a password, and
> all the other pam-modules are made to do a "force pw-change" (as the
> rpcclient-example above) the user just can try to change it again...
> (on the other side, I don't know enough about pam...)

Yeah, the difficulty is really in using two or more schemes, all of
which require both the old and the new passwords.  Then if one fails,
you're out of sync with no way to get back in.  If you use something
like rpcclient with the administrator password, this isn't as big of a
problem.  I guess I was thinking of smbpasswd against a remote PDC,
where you *aren't* do an administrative override.


More information about the samba-ntdom mailing list