[Samba] SSHA password modified without smbpasswd

Hervé Hénoch h.henoch at isc84.org
Thu Apr 19 00:21:58 MDT 2012

Ok i've used ldappasswd to change the password : LM et NT passwd i've 
been modified.

I've a question related to smbpasswd which can change in my LDAP, 
userPassword and LM/NT password (ldap passwd sync=yes). But what command 
does it use if i've not set "passwd program" ? How can I find it ? Does 
it use by default ldappasswd ?

In smb.conf

passdb backend = ldapsam:ldap://
ldap passwd sync = yes
# unix password sync = yes
# passwd program = /usr/sbin/smbldap-passwd ?u %u
ldap admin dn = cn=admin,dc=isc84,dc=org
ldap delete dn = yes
ldap ssl = off
ldap suffix = ou=samba,dc=isc84,dc=org
ldap user suffix = ou=Users
ldap group suffix = ou=Groups
ldap machine suffix = ou=Machines
add user script = /usr/sbin/smbldap-useradd -m "%u"
delete user script = /usr/sbin/smbldap-userdel "%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
enable privileges = yes

In smbldap.conf


Le 19/04/2012 00:52, Andrew Bartlett a écrit :
> On Wed, 2012-04-18 at 17:25 +0200, Hervé Hénoch wrote:
>> Thanks for the response,
>> I've installed the overlay but how to test if it is running ? I've tried
>> to modify userPassword directly or via my java program but neither
>> LMpasswor nor NTpassword have been modified !!!
>> So what i've missed ?
> You must use the password set/change extended operation, not a write to
> userPassword.
> Andrew Bartlett

Hervé Hénoch
Responsable informatique
Institut Sainte Catherine
1750, chemin du Lavarin, 84000 Avignon
Téléphone :
Messagerie : h.henoch at isc84.org

More information about the samba mailing list