[Samba] password - ldap questions

Adam Williams adam at morrison-ind.com
Tue Dec 16 16:27:03 GMT 2003

> question 1
> We have a corporate wide iplanet ldap server (which i can only read 
> from) used for email. I tried to sync the passwords from this 
> ldap-server with the samba-openldap one so my samba users only would 
> have to remember one password. I used a script that fetches the 
> (encrypted, sha1) passwords in a ldif file and ldapmodify this password 
> to the samba-openldap. This part works. The problem is that samba want 
> the sambaNTpassword and doesn't even look at the userpassword. Is there 
> a way that i can make samba use the sha1 userpassword or  do i have a 
> "no go, bad luck" here.

"no go, bad luck"

> Another solution would be to go the other way around so to update the 
> corporate ldap server when someone changes his windows/samba password 
> and that brings me to question number 2.
> question 2
> If i change the password from my windows workstation using the native 
> windows change password mechanism the sambaNTpassword gets changed but 
> the userpassword doesn't.


>  I'm using the smbldap-passwd.pl tool. If i use 
> this tool directly from the command line it does update the userpassword 
> just fine. (using the same syntax as in the smb.conf.
> When i turn "sync unix passwords"  then the domain stops working (domain 
> not foud)

That shouldn't happen.

Don't you mean "unix password sync"

More information about the samba mailing list