[Samba] Re: Transfering Machine Accounts / MACHINE.SID
clint.sharp at attws.com
Mon Dec 29 15:08:16 GMT 2003
> -----Original Message-----
> Tried what? ;-)
> Setup :
> unix password sync = yes
> passwd program = /usr/local/sbin/ldap-passwd.pl %u
> Note: ldap-passwd.pl is custom script to modify userpassword
> modify master server/able to chase referral if any.
> BDC -> Slave Openldap:
> 1. ldapmanager as replica account.
> User was able to change password from Win WS.
> ldap-passwd.pl update master, samba update slave.
> 2. ldapmanager not as replica account.
> - user unable to change password, err from Windows is "you
> did not have permision to change your password".
> - run smbpasswd to change user password also giving error.
> but i did not try :
> passdb backend = ldapsam:"ldap://slave ldap://master"
> Will it solve my problem?
> Another question:
> On what interval client changed their machine password? is it
> triggered forn client or server?
Passdb backend = ldapsam:"ldap://master ldap://slave" works just fine
for me. I have the passwd program set to /usr/bin/passwd and Samba
updates the Samba related entries in the Master LDAP (with passwd
updating the posixAccount related entries). Took me a while to find the
ldapsam:"ldap://master ldap://slave" workaround too, but it's worked
flawlessly for me in production since.
More information about the samba