Samba Ldap sync
Mark Proehl
M.Proehl at science-computing.de
Thu Sep 8 15:44:52 GMT 2005
Hello,
there's a patch for Samba 3.0.10 to let Samba modify the userPassword
attribute:
https://bugzilla.samba.org/show_bug.cgi?id=2326
This patch was made to support LDAP servers that don't implement the
password changeing extended operation (like SunOne). It only sets the
{crypt} hash.
Mark
On Wed, Sep 07, 2005 at 03:40:11PM -0700, Paul Neeley wrote:
> Hello,
>
> I have compiled Samba 3.0.11 on solaris 2.9 and running with start_tls
> with SunOne DS5.2_Patch_3. I currently have samba clients
> authenticating against the sun one directory server and it works.
> Users can also log in to the solaris box and using smbpasswd can change
> their sambantpassword and sambalmpassword. They are also able to change
> their ldap passwd via the solaris passwd command.
>
> I have ldap passwd sync set to yes, but the ldap password never gets
> changed and I am unable to see any failures in the ldap access logs.
>
> Do these 3 password get changed during the same LDAPS connection?
>
> Hope someone has some ideas, I have been at this for about a month or so.
>
>
> Here is my smb.conf
>
> [global]
> security = user
> encrypt passwords = yes
>
> netbios name = GSN1
> server string = DRI Group Server #1 North
> workgroup = NNSC
> name resolve order = hosts bcast
> load printers = no
> show add printer wizard = no
>
> interfaces = 192.168.100.0/255.255.255.0 10.10.8.0/255.255.248.0
> 10.10.80.0/255.255.255.0 10.10.20.0/255.255.255.0 10.10.30
> .0/255.255.255.0 127.0.0.1/255.0.0.0
>
> log file = /var/log/samba/log.%m
> log level = 10
>
> # ldap related parameters
> passdb backend = ldapsam:ldap://ldap-n1.dri.edu
> ldap passwd sync = yes
> ldap delete dn = no
> ldap admin dn = "uid=samba_servers,ou=people,dc=dri,dc=edu"
> ldap server = ldap-n1.dri.edu
>
> ldap ssl = start_tls
> ldap port = 389
> ldap suffix = "dc=dri,dc=edu"
> ldap user suffix = "ou=people,dc=dri,dc=edu"
> ldap filter = "(&(uid=%u)(objectclass=SambaSamAccount))"
>
>
>
> --
> Paul S. Neeley
> Unix Systems Administrator
> Desert Research Institute
> 2215 Raggio Parkway
> Reno, NV 89512
> voice: 775.673.7426
> cell: 775.691.2337
> email: paul.neeley at dri.edu
>
>
More information about the samba-technical
mailing list