[Samba] Re: password synchronization
kevin-nntp at hcico.com
Mon Dec 15 19:16:10 GMT 2003
Jasper V. Ferrer wrote:
> hi, i have three machines excellence, sapphire and integrity. excellence
> runs samba and acts as a pdc for domain ferrer-lan. sapphire also runs
> samba and is a member of domain ferrer-lan (security=domain). integrity
> runs windowsxp and is also a member of domain ferrer-lan.
> samba on both excellence and sapphire has unix password sync enabled and
> is syncing passwords just fine. so when i change password on integrity the
> local linux password on excellence gets synced too. however this leaves me
> with a different linux password on sapphire.
> since samba on sapphire is a member of domain ferrer-lan, is there a way
> to automagically sync to the local linux password? on samba startup?
> whenever connecting to samba on excellence?
> please help, thank you.
This is a normal password sync problem that has plagued the nixes for years.
However, there is some excellent tools out now-a-days that make this
I run two Linux servers and two linux desktops in an otherwise all Windows
network. I separate my linux logins into two categories: User Accounts;
and System Accounts.
System accounts are accounts such as: root; ftp; service; apache; mysql; and
other such accounts that are system/server specific. For this I use the
standard Unix password system and PAM.
User accounts though are a different situation completely. For these, I use
an OpenLDAP server with the nss_ldap and pam_ldap tools from padl.com.
When set up correctly, all the user accounts will be visible via PAM
authentication, and your password sync will store the data in LDAP.
Therefore, a change in password in either location, will actually reflect
on all nix or Mac computers using the LDAP for authentication.
More information about the samba