[Samba] smbpasswd + ldap questions

Andrew Bartlett abartlet at samba.org
Mon Jun 24 05:52:02 GMT 2002

David Wright wrote:
> I would like to have sync'd Unix and Samba passwords. My Unix passwords
> are stored in OpenLDAP for uniformity across machines and services. I
> have some problems with the standard solutions to this problem though:
> * if I have Samba authenticate from OpenLDAP directly (using the
> smbPassword attribute), then I get sync'ing problems when the password
> is changed via normal Unix means. We are primarily a Unix shop; I cannot
> force my users to change passwords always via Samba. Also, I would
> really prefer to stay within the PAM universe, not merely because of its
> elegance, but also because it allows me to do very flexible, additional
> checks (e.g. pam_cracklib).

I think what we need to do is write a plugin for the ldap server, so
that on the password change extended operation, it updates the Samba
attributes as well.  

Anybody want to take that on?

Andrew Bartlett

Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net

More information about the samba mailing list