[Samba] smbldap tools
Jérôme Tournier
jerome.tournier at idealx.com
Mon Nov 17 15:22:16 GMT 2003
> Ahhh...but what if the posixAccount already exists? This is the issue
> I've run in to. I migrated my /etc/passwd accounts to LDAP and am now
> attempting to add sambaSAMAccount information to those accounts. If I
> try to run 'smbldap-useradd.pl -a ExistingPosixUser', I get an error
> saying that the user already exists.....
There's no option today to add the sambaSAMAccount objectclass to an
existing user. But this can be quickly done. I just not have enought time
to do it now.
> I suppose I could delete the user and then recreate it with the above
> command line, but that shouldn't be necessary (in my eyes at least).
>
> A second question. I'd like to have the NTpasswords (for samba) and the
> posix passwords ( for Unix logins and such) be different. How do I
> accomplish that? Can smbpasswd be used (once the sambaSAMAccount
> portion is created) be used to change ONLY the smb password and
> smbldap-passwd.pl be used to change ONLY the unix posix password?
Well, you have to be sure that the smb.conf does not include 'ldap
password sync = Yes' (to be certain, you can add 'ldap password sync =
No'). So when a 'samba user' will change his password, he will change only
the lmpassword and ntpassword attributes. Now for unix users: the
'smbldap-password.pl' command will change both windows passwords and unix
password. If you have configured pam and nss_ldap, you should better user
the 'password' command that can change a ldap password.
--
Jérôme
More information about the samba
mailing list