in samba v.3 there is a smb.conf directive - ldap passwd sync
this provides several ldap passwd sync options on the fly including updating the ldap,
nt, and lm passwords or just the ldap password. to accomplish this you can use the
options: yes, no, or only
Im not sure if this is the place to ask, but what if the ldap server is using
kerberos5 as a backend to store passwords? .. maybe we could add an option to ldap
passwd sync = kerberos and then require a few more parameters including the a
krb5.keytab file location and the fqdn of the kerberos server. Then directly update
the kerberos s user principal password at the time of syncronization? ... the users
principal would be available from the ldap structure because its stored in the
userPassword in the form of {KERBEROS}username@KERB_DOMAIN
anyway.. im not a great programmer or I would try to do this..
Jonathan Higgins
Network Service Specialist IV
[EMAIL PROTECTED]
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
