similar to: Samba, OpenLDAP and Passwords

Hey list, Right now I have Samba+LDAP working (like a charm acctually) I just have one issue. Right now Samba is authenticating the user against the sambaLMPassword and/or the sambaNTPassword attributes. I would rather it authenticated against the userPassword attribute like my unix boxes and mail servers do. Is samba capable of doing this? Otherwise I have to maintain two seperate passwords

Hello, We are using Samba 3.0.14a-6, slapd 2.2.26-4 and smbldap-tools 0.9.1-2 on Debian. My users are complaining about warnings that their password is about to expire and that the are told "You do not have permission to change your password" when they try to change it. sambaAcctFlags includes the X flag which I thought meant "don't expire passwords." The password changing

WHat is the significance to Samba of pam_password exop vs pam_password md5 in ldap.conf? The reason I ask is that, wherever possible, I prefer to use the vendor supplied tools for manipulating config files. With Fedora 3 it's system-config-authentication and it doesn't give you the option of exop. You either enable MD5, which puts pam_password md5 in ldap.conf, or disable it, which puts

Hi, Back to a while ago, someone mentioned about taking pGINA code to samba, so samba can work against LDAP authentication, but instead of using the sambaNTPassword and sambaLMPassword, this way samba can use the userPassword field directly. This sounds very promissing because we can then just use one set of passwords. It may be not usable in a domain enviroment where machine accounts and other

Hello everybody, I've setup a SAMBA 3.0.X (3.0.32 right now) PDC with a LDAP backend running on FreeBSD 6.3 some time ago and users can't just login on unix box when the password their password, modified from Windows, include non-ascii character (such as french letter like "?" for example) I guess that they must some kind of charset issue but i just don't know how to debug

On 11.12.18 18:19, walk2sun via samba wrote: > Am 11.12.18 um 15:36 schrieb tseegerkrb via samba: >> On 11.12.18 15:23, Rowland Penny via samba wrote: >>> On Tue, 11 Dec 2018 15:09:39 +0100 >>> tseegerkrb via samba <samba at lists.samba.org> wrote: >>> >>>> Hello list, >>>> >>>> a quick question. Right now I have a

On 11.12.18 15:23, Rowland Penny via samba wrote: > On Tue, 11 Dec 2018 15:09:39 +0100 > tseegerkrb via samba <samba at lists.samba.org> wrote: > >> Hello list, >> >> a quick question. Right now I have a combination of MIT Kerberos, >> OpenLDAP and SSSD for authenticating my users. Is there a way that >> Samba can use this setup to perform user

I am stuck with Samba -Active Directory communication. Trying to bring my SUSE 10.0 to speak with AD Domain. net rpc testjoin - brings a unable to find suitable server message net join - kerberos_kinit_password preauthentication failed and ads_connect preauthentication failed wbinfo -u works fine wbinfo -t works fine getent passwd/group works too smb is running nmb is running winbindd is

Hello, I've the following goal to reach : modify the attribute userPassword via a Java method in a Samba LDAP tree. I successfully changed the SSHA password in the LDAP. But I can't open a session with this new password. It seems, that sambaNTPassword et sambaLMPassword must be changed too ... but i don't know how to do it ... Any idea ? Regards -- Herv? H?noch Responsable

Hi. Excuse my English. I've installed Samba+OpenLDAP as a PDC. Everything works fine but Samba ignores completely group information. Linux is ok. Any clue? I'm going crazy here! Here's the sittuation: user: fish1 home dir: /home/reaml/swim/fish1 primary group: swimmers other groups: smokers Directory of smoker's group: /home/realm/smokers Here's an 'ls -l' on

Hello @ll, First a small sketch of my working environment. There is one PDC, W2000 server, which contains an Active directory, so basically all the windows users are maintained there. And the Linux/Unix accounts are stored on a NIS server. My goal would be the following 2 things. Firstly currently all the Linux/Unix servers are setup with individual winbind setups to make the windows users

Hello, Perhaps this post is not directly connected with Samba itself but after I saw that Samba uses EXOP for LDAP password changing I decided to write it to this list as well. Here is what I'd like to do: 1) I use openldap-2.3.35 for Samba auth mechanism 2) additionally I use openldap for any other auths I have in my subnet - exim, imap, svn, linux-login, etc... In case of Samba the

Is this Samba 3 or Samba 4? If samba 3, which ldap server are you using> What is the mail server? Does the mail server have its own LDAP server included it or is also using an external LDAP server. If you want replication between LDAP servers, they should be the same type of LDAP server (e.g. OpenLDAP or Apache Directory Server or Oracle Directory Server.) If you have one

Hello I have exactly the same trouble as described here: http://www.nabble.com/ldap-passwd-sync-on-3.0.25a-tf4261008.html on samba-3.0.25b-2.fc7. When i set "ldap passwd sync" to "only" and I change password on some ldap samba user, password in attribute userPassword is never changed by samba daemon (to update NT and LM password I use smbk5pwd overlay). If i set pwd sync to

Hello, I am using Centos 6 with 389 DS. Everything is working, I can authenticate my users against it etc. Now I am trying to make Samba authenticate against the LDAP by following http://directory.fedoraproject.org/wiki/Howto:Samba However, it seems that Samba does not read the 'password' value, but 'sambaNTPassword'. I wrote in 389-DS mailing list and they said, that there

I'm switching from OpenLDAP to the newly released Fedora Directory Server (formely known as the Netscape Directory Server) as a LDAP backend for my Samba domain. I'm now faced with a problem regarding how Fedora DS handles the userPassword field. Unlike OpenLDAP it encodes it in base64 so instead of reading userPassword: {SSHA}0lP+r3Z1NVan7Caf4CG9oSgnTbQRrv/p it reads: userPassword::

Hello list, I am running an openldap 2.4 server under FreeBSD that was working well until the config was tweaked by someone on the team without properly documenting their work # /usr/local/etc/ldap.con on ldap server (FreeBSD 8.1) host LBSD.summitnjhome.com base dc=summitnjhome,dc=com sudoers_base ou=sudoers,ou=Services,dc=summitnjhome,dc=com binddn

First, the software: Samba 3.0.0 OpenLDAP 2.0.27 nssldap / pam_ldap Redhat 9 This may be more of a question for the OpenLDAP mailing list.. but does anyone know of a method (perhaps using slappasswd?) to hand-sync userPassword attributes to sambaNTPassword attributes? Deploying Samba 3.0 as pdc pretty soon, used Migration Tools on the mail server soon, and I'd really like to be able to tell

I've tried numerous times but cannot get Vampire to bring across all groups or add users to all groups that they belong to. Sometimes I get everygroup except 1, other times not so lucky. Vampire log is below with an example of what is going wrong. vampire.log Fetching DOMAIN database Creating unix group: 'skischool' Creating unix group: 'sales' Creating unix group:

Hey everyone, I'm running Samba on Slackware 10.2. As near as I can tell based on looking at the glibc source, my options for Unix passwords (in /etc/passwd, or LDAP -- same options) are these: 1. crypt() with plain old, busted traditional hashing. 2. crypt() with MD5 hashing, via $1$saltsalt$hashhashhashhash format; the crypt() function the special format and automatically uses