[Samba] Status of LDAP support in 2.2.5
Buchan Milne
bgmilne at cae.co.za
Wed Jul 10 01:53:02 GMT 2002
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I have just migrated our samba box to use ldapsam, and now I have a few
questions:
1)I would like to now get users passwords into unix hashes in the LDAP
server. Password changes seem to be working correctly, adding unix
password hashes to the LDAP server (via pam password change = yes and
using pam_ldap). However, I would like to try and get passwords migrated
~ soon (so that we can use ldap authentication for services that don't
use pam, where we can use pam_smb).
So, is it possible to expire passwords using LDAP?
It looks like the ldap attribute pwdMustChange is intended for this use
(and pwdCanChange to allow/prohibit password changes), but are they
working? And if so, how does one use them?
2)Does password changing by referrals work? The point of this excercise
is to get our remote site authenticating to the same password database,
it would be convenient if we didn't have to tell users to select the
head office DC for changing passwords ... especially if password expiry
works.
As always, thanks to the samba team for great software.
Regards,
Buchan
- --
|----------------Registered Linux User #182071-----------------|
Buchan Milne Mechanical Engineer, Network Manager
Cellphone * Work +27 82 472 2231 * +27 21 8828820x202
Stellenbosch Automotive Engineering http://www.cae.co.za
GPG Key http://ranger.dnsalias.com/bgmilne.asc
1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE9K/XQrJK6UGDSBKcRAi3sAKChXpuMq56saIRonoDKsQbRH7+FXgCfQDdB
eg2Iz0hxZp/Rvqyyc4Mi/l4=
=Xduj
-----END PGP SIGNATURE-----
More information about the samba
mailing list