[Samba] RE: Sync passwords unix/smb with FDS backend?

simo idra at samba.org
Thu Jan 10 13:37:50 GMT 2008

On Wed, 2008-01-09 at 21:31 -0500, Adam Tauno Williams wrote:
> > Sorry about the acro, I am working with Fedora Directory Server (ldap).
> > Currently user passwords stored in FDS can be changed from netatalk
> > (apple protocol), FDS web interface, or unix/passwd via the PAM
> > interface. To hit all three of these areas I would think that the
> > password sync would need to somehow be down in FDS.
> > Looking forward I would like to find an ldap solution. Anything else
> > will cause additional steps when I add new users to the network.
> > I will read through pbedit but unless I can trigger it through ldap I
> > don't know what good it will do.
> See if FDS has an overlay/plugin/yadayada like OpenLDAP's smbk5pwd (sp?)
> that lets the client perform an change-password exop and have all the
> passwords managed by the server (DSA).  Samba supports this mode,  don't
> know about netatalk.

I have written a slapi plugin specific to the FreeIPA project, but you
can easily extract what you need probably, see the ipa-pwd-extop plugin


Simo Sorce
Samba Team GPL Compliance Officer <simo at samba.org>
Senior Software Engineer at Red Hat Inc. <ssorce at redhat.com>

More information about the samba mailing list