[Samba] What does "ldap passwd sync" do?
anthony.linux at gmail.com
Thu Jan 20 22:28:23 GMT 2005
Thanks. I will read up on this functionality in OpenLDAP. From what
I've read so far, the default is to just update userPassword, but I
will look into the modules or configuration options to add
shadowLastChange to that.
On Fri, 21 Jan 2005 09:09:27 +1100, Andrew Bartlett <abartlet at samba.org> wrote:
> On Thu, 2005-01-20 at 15:00 -0500, Anthony Linux wrote:
> > Question regarding what the smb.conf line ldap passwd sync = Yes actually does.
> > I have a lab with mixed Win2k and RH9 computers running Samba 3 and
> > OpenLdap. Right now we're having a problem with password expiration.
> > Samba is working just fine and when a user changes their password, the
> > date changes as well.
> > But for Linux, however the password is being changed is not updating
> > the shadowLastChange parameter. So even though the users are
> > successfully changing their passwords (though Windows), the Linux
> > boxes are denying access due to that parameter not being set.
> It is up to your LDAP sever to update these values. Samba makes a call
> to the OpenLDAP defined (and internet-stadnard-proposed, I think)
> password set extended operation. The LDAP server is expected to do
> something sane . You may need to obtain/write some modules for OpenLDAP
> to handle this.
> Andrew Bartlett
> Andrew Bartlett http://samba.org/~abartlet/
> Authentication Developer, Samba Team http://samba.org
> Student Network Administrator, Hawker College http://hawkerc.net
More information about the samba