[Samba] changing smb passwords from non smb machines
Andrew Bartlett
abartlet at samba.org
Sat Oct 12 00:49:01 GMT 2002
"Bradley W. Langhorst" wrote:
>
> In the interest of not having password divergence between NT and unix
> I've got everything authenticating against and ldap database.
>
> samba password updates are not a problem - i just
> use the unix password syncing features.
>
> however the other direction is proving to be a problem.
> I can rig pam to update both passwords with pam_ldap and pam_smbpass
> on machines that run samba. On some machines I don't want to run samba
> but i still want to provide passwd updates.
>
> I've considered and rejected pam_smb and pam_ntdom
> since they don't seem to have the password updating features (just auth
> features).
pam_winbind does password changes.
> I'd rather have the samba stuff updated by an exop on the ldap server
> but i don't think that is possible since the ldap server would have to
> know how to generate NT and LM hashes
If you are into this kind of thing, I think it would be very nice. I've
recectly added the support to pdb_ldap to call such a routine - which
would allow Samba to do only one password set, allowing the ldap server
to deal with the rest.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba
mailing list