[Samba] Re: Transfering Machine Accounts / MACHINE.SID
Beast
indorama at rad.net.id
Mon Dec 29 11:28:00 GMT 2003
Monday, December 29, 2003, 5:52:20 PM, Andrew wrote:
> Have you actually tried this? Really, we are not in the buisness of
> creating solutions that simply don't work. Many production sites
> (mind included) rely on our LDAP code, including the bahaviour that
> allows DCs to bind to slave ldap servers, rebinding to the mster when
> required. Indeed, we recently intergrated the 'ldap replication
> sleep' parmaeter to assist in this process.
Tried what? ;-)
Setup :
unix password sync = yes
passwd program = /usr/local/sbin/ldap-passwd.pl %u
Note: ldap-passwd.pl is custom script to modify userpassword attribute,
modify master server/able to chase referral if any.
BDC -> Slave Openldap:
1. ldapmanager as replica account.
User was able to change password from Win WS.
ldap-passwd.pl update master, samba update slave.
2. ldapmanager not as replica account.
- user unable to change password, err from Windows is "you did not have
permision to change your password".
- run smbpasswd to change user password also giving error.
but i did not try :
passdb backend = ldapsam:"ldap://slave ldap://master"
Will it solve my problem?
Another question:
On what interval client changed their machine password? is it
triggered forn client or server?
--beast
More information about the samba
mailing list