[Samba] LDAP password store

Christian Ambach ambi at samba.org
Thu Jan 19 05:24:44 MST 2012

Hi Tom,

On 01/18/2012 08:57 PM, Tom Harvey wrote:
> I have an openLDAP backend on my Samba installation, and it's using the LDAP attribute sambaNTPassword to store the NT hashed password for the users.
> This is allowing for windows users to auth against the PDC and linux users are authenticating through the samba PAM module
> Now, I want to use this openLDAP backend for a GoogleApps SSO service and this expects to find the password as a SHA hashed password in the LDAP entry userPassword
> So, I'd like samba to take it's auth from this password field or else we will end up with out of sync passwords; one for some services and one for others.

Setting ldap passwd sync = yes would at least make sure the LDAP 
password is synchronized with the Windows passwords when the passwords 
are changed via Samba. But it will not update the Samba passwords when 
the unix password is changed via LDAP.


More information about the samba mailing list