Samba-tng PDC- OpenLDAP - Password sync Working
Hayden Wimmer
hwimmer at bakerref.com
Tue Sep 19 23:17:45 GMT 2000
That is awesome... By any chance do you have Active Directory validating off
of LDAP too?
----- Original Message -----
From: "Jody Haynes" <Jody.Haynes at isunnetworks.com>
To: <samba-ntdom at us4.samba.org>
Sent: Tuesday, September 19, 2000 12:29 PM
Subject: Samba-tng PDC- OpenLDAP - Password sync Working
>
> I just wanted to post this to let everyone know that I got the following working:
>
> 1) Samba-TNG-2.6 as a PDC for Win2K, WinNT and Win98 clients
> 2) Password sync with Samba using OpenLDAP
> 3) Linux clients authenticating off of OpenLDAP using pam_ldap and nss_ldap.
> 4) pam_ldap/nss_ldap encrypted with the use of stunnel
>
> Here is the following configuration information:
>
> smb.conf file:
>
> ldap suffix = "<LDAP Suffix>"
> ldap bind as = "<LDAP Bind Info>"
> ldap port = 389
> .
> .
> .
> unix password sync = yes
> passwd program = /usr/local/samba/bin/ldapsync %u
> passwd chat = *New*Password* %n\n *modifying*
>
> My ldap sync perl script called ldapsync %u:
>
> #!/usr/bin/perl -w
>
> $user=$ARGV[0];
> print "New Password: ";
> $pass=<STDIN>;
> chomp $pass;
>
> $salt=join '', ('.', '/', 0..9, 'A'..'Z', 'a'..'z')[rand 64, rand 64];
>
> $pass=crypt($pass,$salt);
>
> $FILE="|ldapmodify -D '<LDAP Bind>' -w <LDAP Password>";
>
> open FILE or die;
>
> print FILE <<EOF;
> dn: uid=$user, ...ldap suffix...
> changetype: modify
> replace: userPassword
> userPassword: {crypt}$pass
>
> EOF
> close FILE;
>
> exit 0;
>
>
> The best reference material to go by is the following URL for samba as a PDC and ldap:
>
> http://www.unav.es/cti/ldap-smb-howto.html
>
>
>
>
> --
> Jody Haynes
> ----------------------------------------
> iSun Networks, Inc.
> Email: Jody.Haynes at isunnetworks.com
> Website: www.isunnetworks.com
> ----------------------------------------
>
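
A hardened variant of the quoted ldapsync helper, as an added example that is not part of the original post or of Samba-TNG: it validates the user name before it reaches the LDIF, takes the salt from /dev/urandom, runs ldapmodify without a shell, and keeps the bind password off the command line. The suffix, bind DN and secret-file path are placeholder assumptions, as are OpenLDAP 2.x client tools (for -x and -y) and a C library whose crypt() supports the $6$ SHA-512 scheme.

```perl
#!/usr/bin/perl
# Added example: hardened variant of the ldapsync helper (not the poster's script).
use strict;
use warnings;

# Assumed placeholders; the thread elides the real values.
my $SUFFIX  = 'ou=People,dc=example,dc=org';
my $BIND_DN = 'cn=manager,dc=example,dc=org';
my $PW_FILE = '/usr/local/samba/private/ldapsync.secret';   # mode 0600, root only

# Build the LDIF record; reject names that could inject DN parts or LDIF lines.
sub build_ldif {
    my ($user, $hash) = @_;
    die "invalid user name\n" unless defined $user && $user =~ /\A[a-z_][a-z0-9_.-]{0,31}\z/i;
    die "invalid hash\n"      unless defined $hash && $hash =~ m{\A[A-Za-z0-9./\$]+\z};
    return "dn: uid=$user,$SUFFIX\nchangetype: modify\n"
         . "replace: userPassword\nuserPassword: {crypt}$hash\n\n";
}

# Salt from the kernel CSPRNG instead of rand().
sub random_salt {
    my @set = ('.', '/', 0..9, 'A'..'Z', 'a'..'z');          # 64 characters
    open(my $r, '<:raw', '/dev/urandom') or die "urandom: $!\n";
    read($r, my $buf, 16) == 16 or die "short read from urandom\n";
    close $r;
    return join '', map { $set[ord($_) & 63] } split //, $buf;
}

sub main {
    my $user = shift @ARGV;
    $| = 1;                               # flush the prompt for passwd chat
    print "New Password: ";               # matches *New*Password* in smb.conf
    my $pass = <STDIN>;
    defined $pass or die "no password supplied\n";
    chomp $pass;
    # '$6$' selects SHA-512 crypt where the C library supports it (assumption).
    my $hash = crypt($pass, '$6$' . random_salt() . '$');
    die "crypt() lacks SHA-512 support\n" unless defined $hash && $hash =~ /\A\$6\$/;
    my $ldif = build_ldif($user, $hash);
    # List-form open: no shell; -y reads the bind password from a file, not argv.
    open(my $ldap, '|-', 'ldapmodify', '-x', '-D', $BIND_DN, '-y', $PW_FILE)
        or die "cannot run ldapmodify: $!\n";
    print {$ldap} $ldif;
    close($ldap) or die "ldapmodify failed (status $?)\n";
    return 0;
}

exit main() unless caller;
```

ldapmodify's own "modifying entry" output still satisfies the `*modifying*` step of the passwd chat, and a non-zero exit now tells Samba that the LDAP update failed.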