[Samba] ldap passwd sync only
Marcin Giedz
giedz at arise.pl
Wed Aug 15 08:21:15 GMT 2007
Michal Bruncko napisał(a):
> Hello
>
Hi,
In my opinion there is something wrong with "ldap password sync" and
"unix password sync" as well. In my case I need to update NTLM passwords
and userPassword but in several different places in LDAP tree. In
smb.conf I've got something like this:
ldap passwd sync = No
unix password sync = Yes
passwd program = /opt/samba-3.0.23d/bin/spasswd.pl -u %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n
where spasswd.pl script changes userPassword in many places for
particular user. The problem is when I have "unix password sync=Yes" I
CAN'T join domain any Linux machines. So to join such machine I need to
mark "unix password sync" , then add machine and change "unix password
sync" back. This is workaround but not a solution.
The same situation is with 3.0.25b.
Regards,
Marcin
> I have exactly the same trouble as described here:
> http://www.nabble.com/ldap-passwd-sync-on-3.0.25a-tf4261008.html on
> samba-3.0.25b-2.fc7.
> When i set "ldap passwd
> sync" to "only" and I change password on some ldap samba
> user, password in attribute userPassword is never changed by samba daemon
> (to update NT and LM password I use smbk5pwd overlay). If i set pwd
> sync to "On", both attributes (NT&LM and
> userPassword) was updated successfully. (I dont would use ldap passwd sync
> to "On", because then I could not create user in usrmgr.exe with not defined
> password (access denied error))
>
I
> Is that behaviour correct?
>
> thanks
>
> Michal Bruncko
>
--
ARISE M.Giedz, T.Żebruń Sp.j.
http: www.arise.pl
mail: giedz at arise.pl
tel: +48 502 537 157
More information about the samba
mailing list