[Samba] Samba 4 "Trigger" when user is created???

Bo Kersey bo at vircio.com
Fri Nov 14 14:35:17 MST 2014 

Greg,
I had the same issue when trying to capture password changes (smb.conf 'passwd program' parameter) when we upgraded to Samba4.  There was no way to do it.  Previously we had disabled changing passwords using ctl-alt-delete on windows and directed users to a password changing web page that changed the passwords directly in LDAP and elsewhere.  Now, we can't disable password changing from Windows in Samba4 so we had to come up with another solution.

There is no way for you to stop the use of ADUC and force administrators to use your interface.  You'd have to block the LDAP port on the samba4 server and I'm afraid you can't really do that.

Cheers,
Bo


----- Original Message -----
> From: "Greg Zartman" <gzartman at koozali.org>
> To: "Rowland Penny" <rowlandpenny at googlemail.com>
> Cc: "samba" <samba at lists.samba.org>
> Sent: Friday, November 14, 2014 3:17:50 PM
> Subject: Re: [Samba] Samba 4 "Trigger" when user is created???

> On Fri, Nov 14, 2014 at 1:12 PM, Rowland Penny <rowlandpenny at googlemail.com>
> wrote:
> 
>> I wondered when somebody was going to realise this, ADUC is just a GUI, a
>> bit like a swan, gliding along serenely, but under the water, paddling like
>> hell :-)
>> ADUC must work like samba-tool does, it connects to AD and alters it, just
>> how are you going to stop that ????:-\
>>
>> Rowland
> 
> 
> We are quickly running out of options.  LOL
> 
> This is one suggestion being made in our bug tracker:  "we'll have to use
> inotify to watch the ldb files and wake up when they change and work out
> what needs to be done to set the system up to just work. Please take copies
> of the samba private directory, and work out which files change (and how
> they change) when a user is created, modified, deleted. We'll just have to
> parse those files."
> 
> 
> 
> --
> Greg J. Zartman
> Board Member
> 
> Koozali SME Server
> 
> SME Server user and community member since 2000
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

-- 
Bo Kersey 
VirCIO - managed network solutions 
4314 Avenue C 
Austin, TX 78751 
phone: (512)374-0500

More information about the samba mailing list