Samba 3.0 + openldap + exop passwd change
Andrew Bartlett
abartlet at samba.org
Tue Oct 28 21:57:54 GMT 2003
On Wed, 2003-10-29 at 08:29, Andrew Bird (Sphere Systems) wrote:
> Hi there
> I'm just getting to grips with replacing NIS/smbpasswd with LDAP for single
> storage of user accounts. I'm looking into the passwd changing mechanism for
> both Windows and UNIX clients. Whilst you seem to have the Windows clients
> covered completely, userPassword/sambaNTpassword/sambaLMpassword all being
> populated fully from a windows client change. I can't currently see a way of
> populating these fields from UNIX. I want to use the pam_ldap module from
> PADL with the extended password operation passing up the plaintext password
> to the openldap server. But I think the server side only sets the
> userPassword attribute with the encrypted value (of servers choice). I read
> somewhere on the web that openldap has a plugin structure. Do you think it
> would be possible to write such a plugin to populate all three fields that
> could be executed by the exop passwd change mechanism?
As I have mentioned a number of times on various lists, I would really
love to see somebody write this plugin. In understand it is possible to
take over that particular EXOP, but I never really got started looking
at it. Make sure you use a recent OpenLDAP server.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20031029/d841b644/attachment.bin
More information about the samba-technical
mailing list