[Samba] Samba/Unix password sync with LDAP backend

simo idra at samba.org
Mon Mar 15 10:33:33 MDT 2010

On Mon, 2010-03-15 at 12:27 -0400, Gaiseric Vandal wrote:
> I am using Sun Directory Server.  I believe that both the Sun
> Directory 
> server and the RedHat/Fedora directory server are forks of the
> earlier 
> Iplanet/Netscape directory server.    The samba servers are running
> on 
> Solaris.   With a local (non-ldap) password, root can easily use the 
> passwd command to change a user's password, since entering the old 
> password is not required.  But with ldap accounts this doesn't work-
> if 
> root tries to change another user's password with "passwd -r ldap",
> the 
> old password is required.  Instead you need to use the "ldapasswd" 
> command and authenticate as a user with the appropriate ldap 
> administrative powers.
> my smb.conf includes
>          passwd program = /etc/samba/smbldappasswd.sh %u
>          passwd chat =*New* %n\n *changed*
>          unix password sync = yes

Why don't you use "ldap passwd sync" instead ?


Simo Sorce
Samba Team GPL Compliance Officer <simo at samba.org>
Principal Software Engineer at Red Hat, Inc. <simo at redhat.com>

More information about the samba mailing list