Samba 3.0 + openldap + exop passwd change

Andrew Bird (Sphere Systems) ajb at
Tue Oct 28 21:29:07 GMT 2003

Hi there
	I'm just getting to grips with replacing NIS/smbpasswd  with LDAP for single 
storage of user accounts. I'm looking into the passwd changing mechanism for 
both Windows and UNIX clients. Whilst you seem to have the Windows clients 
covered completely, userPassword/sambaNTpassword/sambaLMpassword all being 
populated fully from a windows client change. I can't currently see a way of 
populating these fields from UNIX. I want to use the pam_ldap module from 
PADL with the extended password operation passing up the plaintext password 
to the openldap server. But I think the server side only sets the 
userPassword attribute with the encrypted value (of servers choice). I read 
somewhere on the web that openldap has a plugin structure. Do you think it 
would be possible to write such a plugin to populate all three fields that 
could be executed by the exop passwd change mechanism?


Andrew Bird

More information about the samba-technical mailing list