[Samba] passwd chat for samba->kerberos passwd-sync

Ellison, David david.ellison at atkinsglobal.com
Wed Jan 31 14:28:45 GMT 2007

Just curious, looking at these lists for the last few days. 

What distros do people prefer to setup a Linux PDC? My preference is SME
server 7.1 (essentially based on CENTOS I believe).



> -----Original Message-----
> From: 
> samba-bounces+david.ellison=atkinsglobal.com at lists.samba.org 
> [mailto:samba-bounces+david.ellison=atkinsglobal.com at lists.sam
ba.org] On Behalf Of Ludek Finstrle
> Sent: 31 January 2007 14:12
> To: Torsten Becker
> Cc: samba at lists.samba.org
> Subject: Re: [Samba] passwd chat for samba->kerberos passwd-sync
> > This are the tested passwd chats:
> > 
> >   passwd program = /usr/bin/passwd %u
> > ;   passwd chat = *Password:* %o\n 
> *Enter\snew\sUNIX\spassword:* %n\n 
> > *Retype\snew\sUNIX\spassword:* %n\n 
> *password\supdated\ssuccessfully* .
> >   passwd chat = *Password:* %o\n *"Enter new password:"* 
> %n\n *"Enter 
> > it again:"* %n\n *"passwd: password updated successfully"* .
> >  pam password change = yes
> I don't understand why you define "pam password change" and 
> "passwd program" with "passwd chat". You want "pam password 
> change" or "unix password sync" with ( "passwd program" and 
> "passwd chat" ).
> I have it this way:
>    unix password sync = yes
>    passwd program = /usr/kerberos/sbin/kadmin.local -q 'cpw %u'
>    passwd chat = "Authenticating as principal*"\n"Enter 
> password for principal *"%u"*:*" %n\n \n"Re-enter password 
> for principal *"%u"*:*" %n\n \n"Password for *"%u"@* changed."\n
> I have kdc on the same machine as samba PDC. I think there 
> are more ways where kdc is running on another machine then samba PDC.
> I don't know if kerberos needs original password when it 
> change password for user as root throught pam (but I think it 
> needs some password).
> I have never used it this way.
> Regards,
> Luf
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
> This message has been scanned for viruses by MailControl - 
> (see http://bluepages.wsatkins.co.uk/?4318150)

This email and any attached files are confidential and copyright protected. If you are not the addressee, any dissemination of this communication is strictly prohibited. Unless otherwise expressly agreed in writing, nothing stated in this communication shall be legally binding.

Consider the environment. Please don't print this e-mail unless you really need to. 

More information about the samba mailing list