[Samba] password sync and ldap acls
th.lacoste at wanadoo.fr
Thu Jun 1 17:55:27 GMT 2006
I followed the "Linux Samba-OpenLDAP Howto" from IDEALX.
My slapd.conf rootdn is cn=ldapmgr,ou=Managers,o=miage
My smb.conf ldap admin dn is cn=sambamgr,ou=Managers,o=miage
With the ACLs from section 5 (Security considerations) of the Howto
when I change a user password from windows XP the userPassword
attribute is not modified so my Unix and Windows passwords are
not in sync.
I found that adding the following ACL to my slapd.conf resoves the issue.
access to *
by dn="cn=sambamgr,ou=Managers,o=miage" read
I did several tests but can't figure out what are the attributes that
sambamgr needs to read in order to update the userPassword attribute ?
Any help would be appreciated.
More information about the samba