[Samba] Check password script
Garming Sam
garming at catalyst.net.nz
Fri Jun 17 00:51:00 UTC 2016
Unfortunately, there are other restrictions which disallow the use of
macros in the active directory code, so it wouldn't be as simple as that.
Thanks Denis for suggesting metze's branch. That might actually be the
most appropriate way to solve this issue. Although there have been other
ways of syncing passwords in the past, none of them are currently
compatible with active directory. You'd have to do perform some form of
migration, but that shouldn't be too difficult with the existing
plaintext passwords.
Metze has unfortunately been waiting for this to be merged for a while,
hopefully I can get this sped up.
Cheers,
Garming
On 17/06/16 09:49, Fonteneau Simon wrote:
> interesting !
> Let me take a closer look at that.
>
> I must send passwords in Office 365 and Google Apps.
> Currently, My script works but it requires that Samba is configured
> with the "Plain text Password" option. I want to change that.
>
> "Check password script" could solve my problem.
>
> "http://ltb-project.org/wiki/documentation/self-service-password" with
> " post hook" solves my problem currently.
>
> I wish I use it like this :
> Check password script = /script/scriptpassword.sh %U
>
> I will also see what offers me the patch of Garming Sam.
>
> Simon https://blog.lesfourmisduweb.org
>
>
>
> Le 16/06/2016 19:48, Denis Cardon a écrit :
>> Hi Simon,
>>
>> Le 10/06/2016 11:12, blog at lesfourmisduweb.org a écrit :
>>>
>>> Yes it could be interesting.
>>> I want to use it to send the password has an API for other software. I
>>> currently use the "Store passwords using reversible encryption" to use
>>> my API. But I do not like this operation. I then use
>>> "http://ltb-project.org/wiki/documentation/self-service-password" with
>>> the " post hook"
>>
>> If your need is to have a ssha/cryptsha256/512 hash of the user
>> password for third party apps authentication, you may take a look at
>> the patch of metze [1], it seems to do just that.
>>
>> Cheers,
>>
>> Denis
>>
>> [1]
>> https://lists.samba.org/archive/samba-technical/2016-February/112300.html
>>
>>
>>>
>>> Your patch it allows you also to retrieve the user name ?
>>>
>>> Thank you verry much !
>>>
>>>
>>> Le 10/06/2016 10:41, garming at catalyst.net.nz a écrit :
>>>> Currently the functionality is not implemented in active directory (I
>>>> also
>>>> mistakenly thought it was, until I was corrected). Fortunately, I
>>>> recently
>>>> implemented it as a result of someone else raising it. It is still
>>>> lacking
>>>> some testing and needs some more work to be integrated upstream
>>>> however. I
>>>> should be able to supply the patches I have so far in the next week
>>>> or so
>>>> if you're interested.
>>>>
>>>> Cheers,
>>>>
>>>> Garming
>>>>
>>>>
>>>>> Hi
>>>>>
>>>>> Yes, active directory
>>>>>
>>>>> Simon
>>>>>
>>>>> Le 10/06/2016 03:37, Garming Sam a écrit :
>>>>>> Hi,
>>>>>>
>>>>>> Are you running Samba active directory?
>>>>>>
>>>>>>
>>>>>> Cheers,
>>>>>>
>>>>>> Garming
>>>>>>
>>>>>> On 10/06/16 00:28, blog at lesfourmisduweb.org wrote:
>>>>>>> Hello
>>>>>>>
>>>>>>> I Can not run a "check password script" in smb.conf
>>>>>>> Somebody can you tell me if this is depecated?
>>>>>>> I find nothing in the official documentation.
>>>>>>>
>>>>>>> Simon
>>>>>>>
>>>>>
>>>>
>>>
>>>
>>
>
>
More information about the samba
mailing list