Cybr0t McWhulf
2003-Oct-22 00:15 UTC
[Samba] Samba 3.0 + LDAP userPassword -> sambaNTPassword manual sync?
First, the software: Samba 3.0.0 OpenLDAP 2.0.27 nssldap / pam_ldap Redhat 9 This may be more of a question for the OpenLDAP mailing list.. but does anyone know of a method (perhaps using slappasswd?) to hand-sync userPassword attributes to sambaNTPassword attributes? Deploying Samba 3.0 as pdc pretty soon, used Migration Tools on the mail server soon, and I'd really like to be able to tell people to log in using their mail credentials, as opposed to a generic password that they might not ever change, resulting in the ever-unfun activity of tracking people down and berating them until they change it (This was hard enough the first two times). Any suggestions or advice would be greatly appreciated, and as always great thanks to the Samba team for their terrific work. -- Cybr0t McWhulf
Adam Williams
2003-Oct-22 02:44 UTC
[Samba] Samba 3.0 + LDAP userPassword -> sambaNTPassword manual sync?
> This may be more of a question for the OpenLDAP mailing list.. but does > anyone know of a method (perhaps using slappasswd?) to hand-sync userPassword > attributes to sambaNTPassword attributes?No, this is not possible unless your userPassword values are in clear text. But you could set it up to write the ntpassword and lmpassword when they login to get thier mail, thus building up a password database.> Deploying Samba 3.0 as pdc pretty soon, used Migration Tools on the mail > server soon, and I'd really like to be able to tell people to log in using > their mail credentials, as opposed to a generic password that they might > not ever change, resulting in the ever-unfun activity of tracking people > down and berating them until they change it (This was hard enough the > first two times).So set a password policy that requires password change, password expiration, and password history. Samba 3.0.0 supports all these.
Andrew Bartlett
2003-Oct-22 13:09 UTC
[Samba] Samba 3.0 + LDAP userPassword -> sambaNTPassword manual sync?
On Wed, 2003-10-22 at 10:15, Cybr0t McWhulf wrote:> First, the software: > Samba 3.0.0 > OpenLDAP 2.0.27 > nssldap / pam_ldap > Redhat 9 > > This may be more of a question for the OpenLDAP mailing list.. but does > anyone know of a method (perhaps using slappasswd?) to hand-sync userPassword > attributes to sambaNTPassword attributes?Samba can set the LDAP password. See the 'ldap password sync' option in your smb.conf. Andrew Bartlett -- Andrew Bartlett abartlet@pcug.org.au Manager, Authentication Subsystems, Samba Team abartlet@samba.org Student Network Administrator, Hawker College abartlet@hawkerc.net http://samba.org http://build.samba.org http://hawkerc.net -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.samba.org/archive/samba/attachments/20031022/117b3917/attachment.bin