The user's unix LDAP password should be encrypted (technically I think it is actually hashed, since it is not reversible), so no, you can't get their existing password.

There are two options in smb.conf to have the password sync:

    ldap passwd sync = yes

or

    unix password sync = yes


I have an LDAP backend for Linux and Samba passwords, but initially had NIS for unix and TDB for Samba. I use the "unix password sync" option partially as a legacy holdover from the previous backend.

I therefore also set

    passwd program = /etc/samba/smbldappasswd.sh %u
    passwd chat = *New* %n\n *changed*


Samba passes the new "windows" password to the external script, which uses the Sun ldappasswd command to change the user's unix script. You can't just use the "passwd" command, since the local root account on a unix server is not the LDAP admin user.

The "ldap passwd sync = yes" would probably have been cleaner.


On 06/24/2011 05:36 AM, thom_s...@gmx.de wrote:
Hi,
all the users here are stored in an LDAP server, which means authentication on a workstation (Linux) is over LDAP. Yesterday I configured a Samba server; it also uses the LDAP server as its backend.
I found out that with a call to "smbpasswd -a user" an existing user gets all the attributes from the sambaSamAccount automatically.
But here is my first question: for this call I need to know the user's password. Is there a way that I can use the user's password already saved in LDAP as the unix account password?

Another question.
When a user calls "passwd" on a workstation, now only the password field in LDAP for the unix account will be changed. But I want to keep the unix account password and the Samba password synchronized. Is this possible by calling "passwd"?

thanks

gizmo
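
The helper-script approach from the reply above (`passwd program` plus `passwd chat = *New* %n\n *changed*`), as an added example that is not part of the original thread and not the poster's script. It assumes OpenLDAP's `ldappasswd` (the poster used Sun's), and the URI, DNs and file paths are hypothetical; it keeps the new password off any command line and rejects user names that could alter the DN.

```shell
#!/bin/sh
# Added example: sketch of a "passwd program" helper for the chat
#   passwd chat = *New* %n\n *changed*
# Assumed, not from the thread: OpenLDAP ldappasswd and every value below.
LDAP_URI="${LDAP_URI:-ldaps://ldap.example.org}"          # hypothetical
BASE_DN="${BASE_DN:-ou=People,dc=example,dc=org}"         # hypothetical
BIND_DN="${BIND_DN:-cn=pwsync,dc=example,dc=org}"         # hypothetical low-privilege account
BIND_PW_FILE="${BIND_PW_FILE:-/etc/samba/pwsync.secret}"  # hypothetical, mode 0600
LDAPPASSWD="${LDAPPASSWD:-ldappasswd}"

# Accept only plain account names so %u cannot inject DN syntax or options.
valid_user() {
    case "$1" in
        ''|-*|*[!A-Za-z0-9._-]*) return 1 ;;
        *) return 0 ;;
    esac
}

# Prompt, read the new password from stdin, change it, answer the chat.
change_password() {
    user=$1
    valid_user "$user" || { echo "rejected user name" >&2; return 2; }
    umask 077
    tmp=$(mktemp) || return 1
    printf 'New password: '                # matches *New* in passwd chat
    IFS= read -r newpw || { rm -f "$tmp"; return 1; }
    # The password goes into a private file, never into argv (visible in ps).
    printf '%s' "$newpw" > "$tmp"
    unset newpw
    if "$LDAPPASSWD" -x -H "$LDAP_URI" -D "$BIND_DN" -y "$BIND_PW_FILE" \
           -T "$tmp" "uid=$user,$BASE_DN" >/dev/null; then
        rc=0; echo "password changed"      # matches *changed* in passwd chat
    else
        rc=1; echo "password update failed" >&2
    fi
    rm -f "$tmp"
    return $rc
}

# Samba invokes: smbldappasswd.sh %u
[ "$#" -eq 0 ] || change_password "$1"
```

On failure nothing matching `*changed*` reaches stdout, so Samba's chat fails and the mismatch is reported instead of silently leaving the two passwords out of sync.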
