Hey list, Right now I have Samba+LDAP working (like a charm acctually) I just have one issue. Right now Samba is authenticating the user against the sambaLMPassword and/or the sambaNTPassword attributes. I would rather it authenticated against the userPassword attribute like my unix boxes and mail servers do. Is samba capable of doing this? Otherwise I have to maintain two seperate passwords for each user. Thanks Regards, Daniel
Hi, Samba must use one of those values, since that's the encrypted value it gets from the windows clients. I think that "ldap passwd sync = yes " is the solution to your problem. Bets Regards. Bruno Guerreiro -----Original Message----- From: Daniel Corbe [mailto:daniel.junkmail@gmail.com] Sent: ter?a-feira, 1 de Fevereiro de 2005 16:32 To: samba@lists.samba.org Subject: [Samba] LDAP help! Hey list, Right now I have Samba+LDAP working (like a charm acctually) I just have one issue. Right now Samba is authenticating the user against the sambaLMPassword and/or the sambaNTPassword attributes. I would rather it authenticated against the userPassword attribute like my unix boxes and mail servers do. Is samba capable of doing this? Otherwise I have to maintain two seperate passwords for each user. Thanks Regards, Daniel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
> Hey list, > > Right now I have Samba+LDAP working (like a charm acctually) I just > have one issue. Right now Samba is authenticating the user against > the sambaLMPassword and/or the sambaNTPassword attributes. > > I would rather it authenticated against the userPassword attribute > like my unix boxes and mail servers do. Is samba capable of doing > this? Otherwise I have to maintain two seperate passwords for each > user.yes, you have to support two separate passwords for samba and nss. otherwise you have to keep passwords in clear and somehow emulate (is OpenLDAP capable of this ?) sambaNTPassword via cleartext userPassword> > Thanks > > Regards, > Daniel > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba >
> > Right now I have Samba+LDAP working (like a charm acctually) I just > > have one issue. Right now Samba is authenticating the user against > > the sambaLMPassword and/or the sambaNTPassword attributes.Yep.> > I would rather it authenticated against the userPassword attribute > > like my unix boxes and mail servers do. Is samba capable of doing > > this? Otherwise I have to maintain two seperate passwords for each > > user. > yes, you have to support two separate passwords for samba and nss.Yes. But we are talking about Samba and PAM - not NSS. NSS has nothing to do with passwords.> otherwise you have to keep passwords in clear and somehow emulate (is > OpenLDAP capable of this ?) sambaNTPassword via cleartext userPasswordPassword syncronization is trivial. See "ldap password sync" to do it from the Samba side or the smbk5pwd overlay to extend the password-modify exop on the LDAP side to always set all passwords. Or the third option is to use Kerberos for authentication of non-CIFS connections as the Hiemdal KDC can use the same LDAP SAM as Samba.