On Thu, 2012-02-16 at 21:10 +0800, Fajar Priyanto wrote: > Hi all, > I have a setup like this. Pls let me know if it's possible or not. > SAMBA + Local LDAP ---> SASLAUTHD --> Global LDAP
No. Samba uses the sambaNTPassword attribute in it's LDAP schema which is a crypt of the password. You may be able to get plain-text authentication to work but only by adjusting Samba *and* hacking the registry on every client. > Desc: > I'd like to do Samba authentication to LDAP, passthrough to another > LDAP using SASL. > The current situation is: > SSH authentication from LDAP user to that Samba box works. That doesn't involve Samba unless you are using Kerberos or something like pam_winbind / pam_smbpasswd [I don't even know which if any of those are currently 'active']. > However, smb authentication doesn't work (yet). > This is what's shown in syslog when doing Samba authentication: > Feb 16 20:47:05 sglabldap slapd[1393]: => access_allowed: read access > to "uid=fajar,ou=people,dc=example,dc=com" "userPassword" requested Looks like pam_ldap authentication to me. There may be a way to proxy authentication via LDAP [there are jillions of things you can do with LDAP] but I doubt involving saslauthd [plain text authentication] is going to work very well. -- System & Network Administrator [ LPI & NCLA ] <http://www.whitemiceconsulting.com> OpenGroupware Developer <http://www.opengroupware.us> Adam Tauno Williams -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba