[Samba] RE: Sync passwords unix/smb with FDS backend?
simo
idra at samba.org
Thu Jan 10 13:37:50 GMT 2008
On Wed, 2008-01-09 at 21:31 -0500, Adam Tauno Williams wrote:
> > Sorry about the acro, I am working with Fedora Directory Server (ldap).
> > Currently user passwords stored in FDS can be changed from netatalk
> > (apple protocol), FDS web interface, or unix/passwd via the PAM
> > interface. To hit all three of these areas I would think that the
> > password sync would need to somehow be down in FDS.
> > Looking forward I would like to find an ldap solution. Anything else
> > will cause additional steps when I add new users to the network.
> > I will read through pbedit but unless I can trigger it through ldap I
> > don't know what good it will do.
>
> See if FDS has an overlay/plugin/yadayada like OpenLDAP's smbk5pwd (sp?)
> that lets the client perform an change-password exop and have all the
> passwords managed by the server (DSA). Samba supports this mode, don't
> know about netatalk.
I have written a slapi plugin specific to the FreeIPA project, but you
can easily extract what you need probably, see the ipa-pwd-extop plugin
here:
http://hg.fedorahosted.org/hg/freeipa/file/ef7de25000ff/ipa-server/ipa-slapi-plugins/
Simo.
--
Simo Sorce
Samba Team GPL Compliance Officer <simo at samba.org>
Senior Software Engineer at Red Hat Inc. <ssorce at redhat.com>
More information about the samba
mailing list