Samba with LDAP or Kerberos Backend

tarjei at tarjei at
Mon May 31 20:25:14 GMT 2004

<posted & mailed>
Dhruv Soi wrote:
> Hi All,
> I have configured LDAP with pam module to authenticate user accounts,
> where LDAP is using kerberos database in the backend. Could anyone suggest
> me how it is possible with samba. My only requirement is that
> 1. Samba Passwords should be same as user passwords. And user can change
> that by sitting on windows terminal and Samba should not work as PDC.


KDC = key distribution center (Kerberosserver)
PDC = Primary Domain Controller (i.e. controller in a windowsdomain)

It is possible to set up heimdal-kerberos as a KDC that uses the passwords
from Samba as the startingpoint for makinge kerberospasswords. Thus all
passwords are stored in the ntpassword attribute.

>   a.. Either i can do if theres any option that ldap's lmPassword and
> ntPassword should match value in userPassword schema.
>   b.. Samba could fetch same userdatabase that ldap is fetching i.e. from
> kerberos either using ldap or by its own.
> Any help would be highly appreciated.
> I have configured samba with ldap backend but when a user change password
> he could not do it for samba and local account in one shot. Either i have
> to write script ro whatever but i think any of the above solutions should
> also work.
> PS: I am fed up by making all sort of Research. Please Help!!!
What you want to do is as the cutting edge of development so expect things
to be a bit hard :-)


> Thanks
> Dhruv
> System Admin
> Momentum Technologies

More information about the samba-technical mailing list