[Samba] looking for a pam_smbpass user to answer passwd sync issues
James.Deas at warnerbros.com
Thu Jan 10 17:39:22 GMT 2008
I need to let my users change their password using PAM to preserve the
existing ldap authentication system. How can I force pam to sync the smb
password to the unix one.
I am running Fedora 7 package on an x86-64 system. I have smb working
via ldap and sambasam.schema (v3.0.24) I have unix password sync = yes
but it should not come into play as I never plan to reset passwords via
In '/etc/pam.d/system-auth' I was trying to use pam_smbpass.so
The original pam script for password had
password sufficient pam_ldap.so use_authtok
I changed it to:
password requisite pam_ldap.so use_authtok
password required pam_smbpass.so use_authtok
The problem is I get a token manipulation error. Am I using it wrong?
What would be even better is if someone knows how to do this directly in
Fedora DS so all avenues of changing the password would change both.
Apparently smbpasswd depends on smbd running so that is not an option. I
don't know if pdbedit could do it or be launched as a script directly
from the directory server.
More information about the samba