Hans-Peter Bernhard wrote:>
> Hi,
>
> I am having a problem synchronizing user passwords with an LDAP server.
> The samba password works fine but synchronizing the LDAP unixpassword
fails.
> Samba server and LDAP server are not identically and therefore I need
> the old an the new password for whatever passwd chat.
> But %o is an empty string.
> I browse through the source code and found:
>
> /*
> * At this point we have the new case-sensitive plaintext
> * password in the fstring new_passwd. If we wanted to synchronise
> * with UNIX passwords we would call a UNIX password changing
> * function here. However it would have to be done as root
> * as the plaintext of the old users password is not
> * available. JRA.
> */
>
> can anybody help me out ???
It is a limitation of the protocol, and there isn't much that can be
done.
One way around it is to use a HTTPS server and a script like the one I
use (http://hawkerc.net/staff/abartlet/sign-on.pl) to change them both
via PAM.
Andrew Bartlett
--
Andrew Bartlett abartlet@pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet@samba.org
Student Network Administrator, Hawker College abartlet@hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net