Samba Ldap sync
M.Proehl at science-computing.de
Thu Sep 8 15:44:52 GMT 2005
there's a patch for Samba 3.0.10 to let Samba modify the userPassword
This patch was made to support LDAP servers that don't implement the
password changeing extended operation (like SunOne). It only sets the
On Wed, Sep 07, 2005 at 03:40:11PM -0700, Paul Neeley wrote:
> I have compiled Samba 3.0.11 on solaris 2.9 and running with start_tls
> with SunOne DS5.2_Patch_3. I currently have samba clients
> authenticating against the sun one directory server and it works.
> Users can also log in to the solaris box and using smbpasswd can change
> their sambantpassword and sambalmpassword. They are also able to change
> their ldap passwd via the solaris passwd command.
> I have ldap passwd sync set to yes, but the ldap password never gets
> changed and I am unable to see any failures in the ldap access logs.
> Do these 3 password get changed during the same LDAPS connection?
> Hope someone has some ideas, I have been at this for about a month or so.
> Here is my smb.conf
> security = user
> encrypt passwords = yes
> netbios name = GSN1
> server string = DRI Group Server #1 North
> workgroup = NNSC
> name resolve order = hosts bcast
> load printers = no
> show add printer wizard = no
> interfaces = 192.168.100.0/255.255.255.0 10.10.8.0/255.255.248.0
> 10.10.80.0/255.255.255.0 10.10.20.0/255.255.255.0 10.10.30
> .0/255.255.255.0 127.0.0.1/255.0.0.0
> log file = /var/log/samba/log.%m
> log level = 10
> # ldap related parameters
> passdb backend = ldapsam:ldap://ldap-n1.dri.edu
> ldap passwd sync = yes
> ldap delete dn = no
> ldap admin dn = "uid=samba_servers,ou=people,dc=dri,dc=edu"
> ldap server = ldap-n1.dri.edu
> ldap ssl = start_tls
> ldap port = 389
> ldap suffix = "dc=dri,dc=edu"
> ldap user suffix = "ou=people,dc=dri,dc=edu"
> ldap filter = "(&(uid=%u)(objectclass=SambaSamAccount))"
> Paul S. Neeley
> Unix Systems Administrator
> Desert Research Institute
> 2215 Raggio Parkway
> Reno, NV 89512
> voice: 775.673.7426
> cell: 775.691.2337
> email: paul.neeley at dri.edu
More information about the samba-technical