[Samba] Re: Changing Domain Passwords
jamrock
news_jamrock at yahoo.com
Mon Mar 9 10:23:41 GMT 2009
"Nigel Allen" <dna at edrs.com.au> wrote in message
news:49B4665B.9010401 at edrs.com.au...
>
> Greetings
>
> Can anyone tell me if this is possible?
>
> Given a network of Linux based servers with a Linux based PDC (Centos
> 3.9) running samba 3.0.26a and NIS with Windows-XP clients, we want to
> enforce password changing policies for the Windows Domain.
>
> We want to have users able to change their own passwords at required but
> with some control over minimum complexity, re-use etc. We want them to
> be able to change their passwords from the XP workstations and have that
> change propagated to samba and to NIS without any intervention.
>
> I have tried to implement this but seem to constantly run into problems
> with PAM. If we switch off pam password change in smb.conf, we can
> change passwords from the workstation but they don't get propagated. The
> only way I have been able to achieve what we want is by getting someome
> with root access to change passwords for the end users (not something we
> want to make a habit of).
>
> Any input would be /very/ gratefullt accepted.
>
> Rgds
>
> Nigel.
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
I find it a lot easier to set up Samba using OpenLDAP for authentication. I
use the NT 4.0 tool User Manager for Domains to manage users.
Take a look at Samba by Example for detailed information on creating a PDC
with Samba and LDAP. Chapter 5 "Making Happy Users" has this info. and
more.
It is important to set all of this up in a test environment before making
changes to your production system.
You may also want to use more recent versions of CentOS and Samba.
More information about the samba
mailing list