[Samba] password ynchronisation
s.oliver at umist.ac.uk
Fri Apr 2 15:17:28 GMT 2004
A few questions on the "ldap passwd sync" directive:
ldap passwd sync = yes|no|only
"This option is used to define whether or not Samba should sync the LDAP
password with the NT and LM hashes for normal accounts..."
(a) yes - Try to update the LDAP, NT and LM passwords and update the
(b) no - Do it like before, only update NT and LM passwords and update the
(c) only - Only update the LDAP password and let the LDAP server doing the
Now, assuming my samba box is a PDC (to mixed 98, NT, 2K, XP) running in
LDAP mode and I'm using pam_ldap or pam_krb5 for unix authentication...
1. How does option (c) work - what is the effective difference between (c)
and (a) - how does the LDAP server do the rest - what is "the rest"?
2. If LDAP is using KERBEROS authentication will the kerberos password get
updated when the user changes her SAMBA password.
3. What if a unix user changes their password via passwd on the console -
will both the SAMBA and KERBEROS passwords get updates?
More information about the samba