[Samba] Sync unix and samba passwords

Craig Jackson CJackson at abbott-simses.com
Fri Sep 29 20:57:24 GMT 2006


We have an Exchange server (server 2003) that is a domain controller and
a few Samba file servers that are not part of the Windows domain. The
Samba servers use their own LDAP directory ( ldapsam backend with
pam_ldap ) that is synchronized to one openldap directory server but is
not synchronized to the Windows domain AD. The workstations are all
local accounts and not members of any domain either. I am happy with
this arrangement despite having to enter user information twice and
would rather not change it.

Goal: I would like to use Services for Unix on the Windows AD controller
to synchronize linux passwords so that the end user has to change
password once for email/Samba and once for local computer.

Problem: When Linux administrator issues the passwd command as in #
passwd <username> the ldap userPassword attribute is changed correctly
but the Samba NT/LM passwords are not also changed.

What I have already done: Googled the issue and found that unix passwd
sync in smb.conf is not what I need. Ldap passwd sync = yes is in
smb.conf. I have found some info on pam_smbpass.so but do not have
enough information to know if this is what I need and how to use it.

Or can someone tell me if this will not work at all. Better ideas?


More information about the samba mailing list