[Samba] Help with Samba (net vampire) not pulling passwords
into openLDAP backend - fails pam_ldap authentication - pam_unix used
abartlet at samba.org
Sat Jan 8 20:51:47 GMT 2005
On Fri, 2005-01-07 at 23:01 -0500, Franciszek Michal Misa wrote:
> Hi All,
> Hope someone here can help me ?
> *See end for background and system information...
> I'm looking for advice or links to clear documentation on the use and
> configuration of "net vampire" and it's ability to download PDC accounts
> with passwords intact.
> I have successfully used "net vampire" to synchronize my Samba BDC --
> with my companies PDC. I've switched my linux box authentication --
> using "authconfig" -- to authenticate against LDAP.
> Seems to be working for all but accounts "net vampired" over.....
The one thing that the 'vampire' process will not do is return the
plaintext password. This means that Samba cannot set the 'ldap
password'. Your options are to use pam_winbind on your local machine,
and authenticate local users against Samba, which then works against the
NT and LM passwords we do have, or to use the Heimdal Krb5 snapshot
Or you can try and have pam_ldap -> OpenLDAP -> SASL PLAIN -> PAM ->
pam_winbindd -> winbindd -> OpenLDAP...
Yes, I know this sucks, and I've tried to have discussions with the
OpenLDAP folks about how we could have OpenLDAP authenticate against
these passwords in a sensible way, and the infrastructure was simply not
up to it.
Andrew Bartlett abartlet at samba.org
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20050109/026e3c91/attachment.bin
More information about the samba