[Samba] What does "ldap passwd sync" do?

Andrew Bartlett abartlet at samba.org
Thu Jan 20 22:09:27 GMT 2005

On Thu, 2005-01-20 at 15:00 -0500, Anthony Linux wrote:
> Question regarding what the smb.conf line ldap passwd sync = Yes actually does.
> I have a lab with mixed Win2k and RH9 computers running Samba 3 and
> OpenLdap.  Right now we're having a problem with password expiration. 
> Samba is working just fine and when a user changes their password, the
> date changes as well.
> But for Linux, however the password is being changed is not updating
> the shadowLastChange parameter.  So even though the users are
> successfully changing their passwords (though Windows), the Linux
> boxes are denying access due to that parameter not being set.

It is up to your LDAP sever to update these values.  Samba makes a call
to the OpenLDAP defined (and internet-stadnard-proposed, I think)
password set extended operation.  The LDAP server is expected to do
something sane .  You may need to obtain/write some modules for OpenLDAP
to handle this.

Andrew Bartlett

Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Student Network Administrator, Hawker College  http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20050121/f3bdda40/attachment.bin

More information about the samba mailing list