[Samba] ldap+pam+NT/unix-password sync :: please help!

IOhannes m zmoelnig zmoelnig at iem.kug.ac.at
Thu May 16 09:23:39 GMT 2002


hi list !

i am a complete newbie, but having searched the archives roughly (i do 
hope, that Mailman will add searchable archives sometimes...) i couldn't 
find any answer to my problem.
if this is the wrong list, please tell me, where i should post instead::

my setting:
debian-woody, samba-2.2.3 (+ldapsam support) as PDC, LDAP-2.0.23 (+TLS 
support)

i am administrating a NT/W2K/linux-network and want to have unified 
access for all users.

everything works fine but the password-synchronisation:
i have adjusted the "unix passwd sync", so that if i (or my "test"-user) 
is changing her password via smbpass (or via "change password" from the 
win32-machine) the password is changed both for the linux-world and for 
the NT world). great !!
but:: i haven't had any chance to modify the user-password under linux 
(with "passwd"). only the unix-password-hash is changed!
the pam_smbpass module is clearly the wrong approach, since it is trying 
to modify a local smbpasswd-file (which does not exist, since the 
smbpasswords are stored on the ldap-server)
the pam_smb_auth is clearly wrong, since it does authentification 
(instead of password-changing) but could connect to a remote PDC.
the pam_smb_passwd might be right, but there are no debian-packages, i 
didn't managed (yet) to compile, and anyhow it seems to be "not for 
production use"

of course my users could be forced to use "smbpasswd" instead of 
"passwd" but i'd rather not, and to make (dirty) links 
(passwd->smbpasswd) on all my machines is not what i want either.

please help me out.
i am stymified

mfg.cdsa.r
IOhannes





More information about the samba mailing list