similar to: Samba to Kerberos via OpenLDAP

I was told recently that Kerberos authentication won't work against a non-windows KDC. Is that accurate? So for instance, it is not possible for Samba running on say RHEL, to authenticate against a Linux server running MIT Kerberos? Additionally, many people said that setting this up was well-documented. Any suggestions of particularly good docs / how-to's?' And lastly, is

So far answers I've received on this list have been inconsistent at best and downright inaccurate at worst. I'm going to try one more time and see if, at the very least, someone can give me a lead. I ask you to consider what I'm asking remotely possible, and then seek a solution. (Particularly before one blasts off an ill-thought out message that says simple, "Can't be

Suddenly as of this morning, none of my users can authenticate to samba because nss_ldap is producing cryptic errors. Nothing has changed on either the LDAP server or the Samba server. Looks like this in /var/log/messages: Aug 11 11:19:29 edgar smbd[8394]: nss_ldap: could not soft reconnect to LDAP server - Server is unavailable Yet, the LDAP server IS available, and happily chirping away

I have the [homes] section set up in my smb.conf so that \\server.name\user connects to the user's home directory. Since I am using OpenLDAP as a backend via smbldap-tools, for most users the home directory comes from the homeDirectory variable in OpenLDAP. However, when I have a user who also has a login on the samba machine, that is, an entry in /etc/passwd, Samba seems to ignore the

I'm having the problem in which users can access their group shares, but not their home shares. These two shares are defined thusly in smb.conf: [seref] comment = Science & Engineering Reference Section path = /data/group/seref valid users = @seref, @seref-read, @admin read list = @seref-read write list = @seref, @admin

RedHat enterprise v4 openldap 2.2.13-4 cyrus-sasl 2.1.19-5.EL4 samba 3.0.10-1.4E.9 krb-libs 1.3.4-27 server1: openldap and kerberos server server2: samba server We have openldap working as posix source for all of our *nix logins - with passwords stored in kerberos accessed via sasl. We have an exiting samba server running on redhat for macintosh/windows user access to network storage. Our

Hi, I have an existing OpenLDAP directory, that I want to use as the backend for a Samba 3 instance. I do not want for now making Samba a Domain Controller, but only define in it some shares accessible by users on LDAP. I have imported in my slapd.conf the samba schema, and I have inserted in my smb.conf all the directives for connecting to an LDAP server: passdb backend =

Thanks to Buchan Milne, I'm looking into the Active Directory Password Cache overlay for OpenLDAP, which seems to offer more or less what I'm trying to do. Is anyone here experienced with it? Is this the right place to ask or is there an openLDAP overlays list? I understand this description of ADPC: Active Directory Password Cache =============================== Active

I have a Samba-PDC installation (version is 3.6.3) with openLDAP. When I change the password from a client (Windows/XP and Windows/7) the attribute "sambaNTPassword" is changed and I can log-in with the new pssword. The problem is that the content of the attribute "sambaLMPassword" is deleted. I remember that in my previous version of Samba (3.0.28) both attributes were

Hi all Need Urgent Help :( I' m new to this List... I'm trying to setup a new Samba 3 PDC + OpenLDAP on a Mandrake 10.0 to replace an older server... Cause I need an LDAP Backend for a BDC planned on a remote site, and Samba 3 came along. So I'm following this Doc http://au1.samba.org/samba/docs/man/guide/happy.html 1. I fail once I get to this step 18 of initialization and creation

Hi We have some Samba servers using LDAP (389 DS) as backend. In the LDAP server, we have defined some policies to make the passwords stronger. When a user tries to change his password (Control-Alt-Del), this message appears in the LOGs: ==> /var/log/samba/xptest <== [2010/06/28 12:26:26, 2] auth/auth.c:check_ntlm_password(309) check_ntlm_password: authentication for user [10000001S]

I'm switching from OpenLDAP to the newly released Fedora Directory Server (formely known as the Netscape Directory Server) as a LDAP backend for my Samba domain. I'm now faced with a problem regarding how Fedora DS handles the userPassword field. Unlike OpenLDAP it encodes it in base64 so instead of reading userPassword: {SSHA}0lP+r3Z1NVan7Caf4CG9oSgnTbQRrv/p it reads: userPassword::

Hey list, Right now I have Samba+LDAP working (like a charm acctually) I just have one issue. Right now Samba is authenticating the user against the sambaLMPassword and/or the sambaNTPassword attributes. I would rather it authenticated against the userPassword attribute like my unix boxes and mail servers do. Is samba capable of doing this? Otherwise I have to maintain two seperate passwords

Hi, there! When my XP users try to change passwords, they get a message saying that password has been changed. That's not true! NT and LM passwords are changed but unixPassword isn't. Look at this openldap.log lines: Feb 12 07:50:28 apolo slapd[22826]: conn=698021 op=40 MOD dn="uid=teste,ou=Users,dc=domain" Feb 12 07:50:28 apolo slapd[22826]: conn=698021 op=40 MOD

Hello, I am kind of confused with this situation. I am attempting to build a PDC using TLS/SSL with the following version of software. Samba 3.0.23 OpenLDAP 2.3.19 Fedora Core 5 When I startup the Samba server via the "service" command (service smb start) I get the following errors in my logs. Using SSL: Jul 13 09:52:34 prism smbd[23161]: smbldap_search_suffix: Problem during

Greetings All. First let me introduce my situation Machine1: Pdc Samba + OpenLDAP(master) Machine2: Bdc Samba + OpenLDAP(slave) LDAP stores Samba and POSIX information for each user. Case1: I login to Machine1 and invoke smbpasswd. I change my passwords (samba and posix without any problem). In next few seconds they get propagated to Machin2 wher I can login with new credentials. ldap log

Hi everyone, I am trying to setup a PDC using Samba and OpenLDAP. For some reason, I've used both the examples provided in the Official Howto and also the smbldap-tools howto developed by IDEALX. I am able to get the directory up and running. I am able to get the following working: 1. LDAP Directory server and successful Queries through Samba 2. Add user and machine accounts. 3.

Hi, I'm migrating a domain from Samba3 to Samba4. I now about the possibility to transfer the domain (users and computers) during the provisioning (Upgrade from Samba3 to Samba4). Due to problems with the domain name (I have to change the domain name), SIDs a.s.o. I want to create a new domain during provisioning. Then I want to create/add all users with a script. Is there a way to

Everyone, We currently are running a Centos3 directory server, I am currently testing centos4 as an upgrade of this machine in the future. There is a special user we have called cn=samba,ou=special in our directory, this user is for samba to use when binding to the directory. On the production replica server, i have taken an offline slapcat ldif of the entire tree. I then copied this file to

AIX 5.2, OpenLDAP 2.2.20 We've just moved to LDAP (this weekend) and when I do a smbpasswd -e to enable a user it is prompting for a "New SMB password:" I've secured the attributes like so: access to dn.subtree="ou=People,dc=hvcc,dc=edu" attrs=userPassword by self write by dn="cn=root,dc=hvcc,dc=edu" write by * auth access to