[Samba] Manage password change without windows...

Marco Gaiarin gaio at sv.lnf.it
Thu Oct 16 09:05:02 GMT 2008

[I'm subscribed, but with mail deliverying turned off. I will read the
thread on web archive, but please CC me... i'm subscribed to the italian
samba list, but there's no answer there...]

I manage some samba domain (samba3 as in debian stable), using LDAP as
backend and smbldap-tools.
The domains born as windows-only, and they are still windows-prevalent,
but i'm inserting here and there some Linux box (Ubuntu), using
LDAP (pam and NSS) for account and password on linux systems.

All the password management are done by 'windows', and i've done a
little script (mimic around the smbldap-tools) that simply read the
expiration data in windows LDAP field and (adapt and) copy them over
the POSIX ones.
So there's no trouble for me to 'expire' a password for the Ubuntu
client, and the client correctly behave on that, prevent users to logon
if password was expired or warn them if only some days misses.

But, as i sayed, now i've some users that are substantially Linux-only
users, and now i need to ask them to make a logon on a windows box to
change their password. ;(

Basically i'm looking for a tool that will permit to users to change
their password using standard tool from an Ubuntu box, updating POSIX
and samba data in LDAP.

1) i've looked at pam_smbpasswd, that in PAM 'password' context seems
 to do exactly what i need, but seems also that works only for the old
/etc/samba/smbpasswd file and not for pdb (nor LDAP)

2) i've looked also to a web interface (LAM), but this feature was
 available only in 'pro' commercial version.

Someone can point me to the right tool/solution?


dott. Marco Gaiarin				    GNUPG Key ID: 240A3D66
  Associazione ``La Nostra Famiglia''                http://www.sv.lnf.it/
  Polo FVG  -  Via della Bontà, 7 - 33078  -  San Vito al Tagliamento (PN)
  marco.gaiarin(at)sv.lnf.it	  tel +39-0434-842711  fax +39-0434-842797

	(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)

More information about the samba mailing list