[Samba] Fedora DS 'winSync' module

Stuart Naylor stuartiannaylor at thursbygarden.org
Sun Aug 10 14:43:03 MDT 2014

Apols passsync is prob more important.


The passsync is the important bit as there are quite a few options for ldap mapping and synchronisation.

Password hashes are a real problem when it comes to synchronisation.

With 389 DS I can run my Unix LDAP and quite easily have a M$ server synced without all the complexity of freeIPA and such like.

It would be really great to have this functionality with Samba4 as interoperability is a key aim.

Is this in the roadmap at any point?


-----Original message-----
> From:Stuart Naylor <stuartiannaylor at thursbygarden.org>
> Sent: Saturday 9th August 2014 22:11
> To: samba at lists.samba.org
> Subject: [Samba] Fedora DS 'winSync' module
> I just wondered if there is anything planned along similar lines for Samba4?
> It would be massive to be able to synchronise users but the problem with password hashes and different algorithms is a real headache.
> I have only just started with 389 Directory server and wow after OpenLdap its really impressive and such a doddle to use and administer.
> They have this winsync plugin that opens up an ssl tunnel between the two servers you have to the plugin running on 389 and a dll is loaded into AD.
> Its simple and massive when it comes to interoperability so much so I might go back and route out my M$ disks.
> Please have this planned somewhere as every other solution is massively complex and just a secure tunnel swapping plain text passwords is just a simple brilliant idea.
> Can anyone give me any pointers if this exists or please put it forward into the roadmap.
> Even if it is jusy with 389-DS but OPenLdap would benefit from the exact same methods so that they are interchangeable.
> Stuart   

More information about the samba mailing list