[Samba] changing smb passwords from non smb machines
abartlet at samba.org
Sat Oct 12 00:49:01 GMT 2002
"Bradley W. Langhorst" wrote:
> In the interest of not having password divergence between NT and unix
> I've got everything authenticating against and ldap database.
> samba password updates are not a problem - i just
> use the unix password syncing features.
> however the other direction is proving to be a problem.
> I can rig pam to update both passwords with pam_ldap and pam_smbpass
> on machines that run samba. On some machines I don't want to run samba
> but i still want to provide passwd updates.
> I've considered and rejected pam_smb and pam_ntdom
> since they don't seem to have the password updating features (just auth
pam_winbind does password changes.
> I'd rather have the samba stuff updated by an exop on the ldap server
> but i don't think that is possible since the ldap server would have to
> know how to generate NT and LM hashes
If you are into this kind of thing, I think it would be very nice. I've
recectly added the support to pdb_ldap to call such a routine - which
would allow Samba to do only one password set, allowing the ldap server
to deal with the rest.
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba