[Samba] LDAP + SASL (kerberos) password syncing
Mark Roach
mrroach at okmaybe.com
Thu Jan 20 01:16:01 GMT 2005
I am getting a bit confused about which methods to use to keep my
passwords synced given the following scenario.
Samba PDC using LDAP backend.
LDAP uses {SASL}princ at REALM type passwords
Sasl mechanism is saslauthd using kerberos5
I can use pam like:
password required pam_smbpass.so
password required pam_krb5.so use_first_pass
and then passwd will set both passwords
but how can I make it so that changing user password from a windows
workstation will also change the kerberos password? "pam passwd change"
does not seem to be doing the trick.
On a side note, is there a way to test windows-style password changing
from the server? I'm assuming smbpasswd won't do the trick, I expected
something like net rpc passwd...
Thanks,
Mark
More information about the samba
mailing list