another idmap_ad question
Herb Lewis
hlewis at panasas.com
Wed Nov 12 02:45:37 GMT 2008
I think you misunderstood the question but I think I found
why it does it. LDAP queries only return the unixUserPassword
attribute if the user you authenticated as is a member of
administrators it appears. How do you control the credentials
being used by idmap_ad to do the ldap query?
Gerald (Jerry) Carter wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Herb Lewis wrote:
>
>>I tried to add an attribute to retrieve in idmap_ad_sids_to_unixids
>>search. I am able to add sAMAccountName and see the value returned
>>but if I try to get unixUserPassword it is not returned. I can use
>>ldapsearch and retrieve both of these attributes. Why will the
>>password attribute not be returned by winbindd?
>
>
> Intentionally. The password field is filled in as '*'
>
>
>
>
>
> cheers, jerry
> - --
> =====================================================================
> Samba ------- http://www.samba.org
> Likewise Software --------- http://www.likewisesoftware.com
> "What man is a man who does not make the world better?" --Balian
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFJGjwmIR7qMdg1EfYRAmwtAKDULeCenkc0QguLOg0yafP6iw4Y1gCgk84m
> m8C05Lq2GvfeYhq9Il3KzrI=
> =NOaG
> -----END PGP SIGNATURE-----
More information about the samba-technical
mailing list