>>>>> "FM" == FM <[EMAIL PROTECTED]> writes:
FM> Now, LDAP /KERBEROS is replacing NIS and Samba (with ldap
FM> backend) will replace the local backend .
Is your LDAP server by any chance OpenLDAP? If not, my examples probably
won't work...
FM> 2- Because Samba can not use MIT-Kerberos for password (as far
FM> as I know)
Don't know if this is true, but it doesn't matter. Use
userPassword: [EMAIL PROTECTED]
then ldap will 'ask' the KDC, and samba don't have to care...
FM> When user from Windows want to change his password,
FM> samba will use a custom script (not created yet ) to also so
FM> update the Kerberos password (if you have examples they're
FM> more then welcome).
With some additional tests around this, all you need is a one liner:
kadmin -q "cpw -pw secret principal"
FM> But the big problem is Linux users : If
FM> they want to update they password, they use kpasswd but it
FM> will not update samba password.
As said above, using {SASL}, that doesn't matter...
Please have a look at http://www.bayour.com/LDAPv3-HOWTO.html. It's
old, but there should be SOMETHING in there for you...
--
jihad fissionable domestic disruption smuggle Saddam Hussein munitions
767 Kennedy plutonium PLO spy assassination Ft. Bragg Ft. Meade subway
[See http://www.aclu.org/echelonwatch/index.html for more about this]
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
