[Samba] Using OID as Samba3 backend
Ilia Chipitsine
ilia at paramon.ru
Sat Jul 2 11:57:10 GMT 2005
> Hi, colleagues,
>
> I'm running samba3 Using OID (Oracle Internet Directory) as backend, almost works ok, but the final trick that doesn't work is the change of the passwords from windows dialog box, this change the samba passwords but don't change the userpassword, i have found this line on samba logs files:
>
> ldap password change requested, but LDAP server does not support it -- ignoring.
windows "password change dialog" modifies LM and NT hashes (probably, just
NT one), changing of "user password" can be achived in two ways:
1) modifying UserPassword attribute (ldapmodify request, which is standard
one)
2) some special request sich as "extended operation" in OpenLDAP, non
standard requests.
there's special module for OpenLDAP, called smbk5pwd, which sincronyses
NT, LM and optionally heimdal hashes when extended operation on password
change is requested. that module is supplied with OpenLDAP-2.3, but I'm
successfully using it with OpenLDAP-2.2, it will not help much in your
situation, but it has to be clear about inderlying things when "modifying
passwords"....
>
> And i found in samba.org fourum that this problem is solved with this ACL:
>
> access to dn.base="" by * read.
>
> Already i have put them, but doesn't works, Anybody help me?
>
> thanks in advance
>
> Alex Canizales
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/listinfo/samba
>
More information about the samba
mailing list