Brian Johnson
2003-Mar-28 19:50 UTC
[Samba] Samba, email, LDAP and password integration and management
I set up a test server about a year ago to try this and gave up since it didn't seem that the processes were quite yet in place to do it .. I am evaluating the potential for Samba and Linux accounts (including postfix email accounts) to share the same passwords and have a process in place to encourage users to change their passwords and try to prevent esay to crack passwords Could someone please confirm whether they have such a system working and how difficult it was to set up? When I looked at it before, it seemed that although Samba could use LDAP, it used a different schema from the standard system accounts and therefore there was not really any sharing of password data If it matters, my server I'd like to do this on is a Redhat 7.3 system -- Brian Johnson This is where my witty signature line would be if I bothered to edit this line :)
rossp@ppc.ucsc.edu
2003-Mar-29 00:03 UTC
[Samba] Samba, email, LDAP and password integration and management
I've finally got samba working with LDAP and keeping the password attributes in LDAP synchronized no matter where the password change comes from. I think this is what you mean. I intend to write a more thorough howto for this sometime in the near future, but if you'd like I could prolly get you up and running sooner. Ross Patterson Programmer/Analyst 831-459-2792 rossp@ucsc.edu 1156 High St, Barn G, PP&C Santa Cruz, CA 95064 On Fri, 28 Mar 2003, Brian Johnson wrote:> I set up a test server about a year ago to try this and gave up since it didn't seem > that the processes were quite yet in place to do it .. > > I am evaluating the potential for Samba and Linux accounts (including postfix email > accounts) to share the same passwords and have a process in place to encourage users > to change their passwords and try to prevent esay to crack passwords > > Could someone please confirm whether they have such a system working and how > difficult it was to set up? > > When I looked at it before, it seemed that although Samba could use LDAP, it used a > different schema from the standard system accounts and therefore there was not > really any sharing of password data > > If it matters, my server I'd like to do this on is a Redhat 7.3 system > > -- > Brian Johnson > > This is where my witty signature line would be if I bothered to edit this line :) > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba >
Brian Johnson
2003-Mar-29 00:08 UTC
[Samba] Samba, email, LDAP and password integration and management
Sounds like what I'm looking for .. please post the url to this list when done .. I can wait .. I want to see what's coming in Redhat 9 and it may affect my plans rossp@ppc.ucsc.edu wrote:> >I've finally got samba working with LDAP and keeping the password >attributes in LDAP synchronized no matter where the password change >comes from. I think this is what you mean. I intend to write a more >thorough howto for this sometime in the near future, but if you'd like >I could prolly get you up and running sooner. > >Ross Patterson >Programmer/Analyst >831-459-2792 >rossp@ucsc.edu >1156 High St, Barn G, PP&C >Santa Cruz, CA 95064 > >On Fri, 28 Mar 2003, Brian Johnson wrote: > >> I set up a test server about a year ago to try this and gave up since it didn't seem >> that the processes were quite yet in place to do it .. >> >> I am evaluating the potential for Samba and Linux accounts (including postfix email >> accounts) to share the same passwords and have a process in place to encourage users >> to change their passwords and try to prevent esay to crack passwords >> >> Could someone please confirm whether they have such a system working and how >> difficult it was to set up? >> >> When I looked at it before, it seemed that although Samba could use LDAP, it used a >> different schema from the standard system accounts and therefore there was not >> really any sharing of password data >> >> If it matters, my server I'd like to do this on is a Redhat 7.3 system >> >> -- >> Brian Johnson >> >> This is where my witty signature line would be if I bothered to edit this line :) >> >> >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: http://lists.samba.org/mailman/listinfo/samba >> >-- Brian Johnson This is where my witty signature line would be if I bothered to edit this line :)
Markus Schabel
2003-Apr-01 16:16 UTC
[Samba] Samba, email, LDAP and password integration and management
Brian Johnson wrote:> I set up a test server about a year ago to try this and gave up since it didn't seem > that the processes were quite yet in place to do it .. > > I am evaluating the potential for Samba and Linux accounts (including postfix email > accounts) to share the same passwords and have a process in place to encourage users > to change their passwords and try to prevent esay to crack passwords > > Could someone please confirm whether they have such a system working and how > difficult it was to set up? > > When I looked at it before, it seemed that although Samba could use LDAP, it used a > different schema from the standard system accounts and therefore there was not > really any sharing of password data > > If it matters, my server I'd like to do this on is a Redhat 7.3 systemI'm running the following services/daemons with my LDAP-users: * postfix for address2mailbox-mapping, aliases, forwardings and authenticated SMTP * courier for authenticated access to POP3 and IMAP * apache with LDAP-authenticated .htacces * proftpd with LDAP-users/homedirs * samba as domain-controller and file-servers with LDAP-users * dhcpd loads configuration from LDAP and stores leases in LDAP * php-based addressbook * squirrelmail webmail currently work in progress: * dhcpd logs leases into LDAP so that BIND or tinydns can do DNS with that data I think that's all for the moment. Sure, it is *a lot of* work to get all this running, but it's really nice when it finally works. regards -- \\\ ||| /// _\=/_ ( @ @ ) (o o) +--------oOOo-(_)-oOOo--------------------------oOOo-(_)-oOOo------+ | Markus Schabel TGM - Die Schule der Technik www.tgm.ac.at | | IT-Service A-1200 Wien, Wexstrasse 19-23 net.tgm.ac.at | | markus.schabel@tgm.ac.at Tel.: +43(1)33126/316 | | markus.schabel@members.fsf.org Fax.: +43(1)33126/154 | | FSF Associate Member #597, Linux User #259595 (counter.li.org) | | oOOo Yet Another Spam Trap: oOOo | | ( ) oOOo yast@tgm.ac.at ( ) oOOo | +--------\ (----( )--------------------------\ ( -----( )-----+ \_) ) / \_) ) / (_/ (_/ Computers are like airconditioners: They stop working properly if you open windows.