Re: Samba & LDAP
On Wed, 2003-06-04 at 17:55, Bastian Winkler wrote: > use. does this option also work with kpasswd in openldap? i store my > passwords in kerberos, its no problem to keep this in sync with > "passwd chat" It works with whatever password the LDAP server updates when you tell it to modify your password. I don't think it will update your kerberos userinfo unless ldap and kerberos are closer friends than I think :) -m- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Samba & LDAP
On Wed, 2003-06-04 at 17:55, Bastian Winkler wrote: > use. does this option also work with kpasswd in openldap? i store my > passwords in kerberos, its no problem to keep this in sync with > "passwd chat" It works with whatever password the LDAP server updates when you tell it to modify your password. I don't think it will update your kerberos userinfo unless ldap and kerberos are closer friends than I think :) -m-
Re: Samba & LDAP
On Wed, Jun 04, 2003 at 11:48:13AM +0200, Hirling Endre wrote: > On Mon, 2003-06-02 at 16:35, Bastian Winkler wrote: > > if you are using samba with "--with-ldapsam", samba is looking for the > > lmPassword and ntPassword attributes in ldap. it is no problem to keep > > this password in sync with a small script and samba set "unix password > > sync = yes" in your smb.conf. if you really want to use the > > unix-passwords with samba you must not use encrypted passwords :-( > > read ENCRYPTION.html in the samba-doc package for this problem. > > FYI samba can do 'ldap passwd sync' when it modifies the LDAP password > directly with a modify_password LDAP operation. No need for scripts, > passwd chat, etc. This works with the samba package in sid, it has to be > patched, though, because the password change operation is no longer > experimental in slapd v2.1 which is also in sid. i know, this option is in samba since 3.0-alpha20. it works really great, but i my case samba-3.0-alpha was not stable enough for production use. does this option also work with kpasswd in openldap? i store my passwords in kerberos, its no problem to keep this in sync with "passwd chat" :wq buz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Samba & LDAP
On Mon, 2003-06-02 at 16:35, Bastian Winkler wrote: > if you are using samba with "--with-ldapsam", samba is looking for the > lmPassword and ntPassword attributes in ldap. it is no problem to keep > this password in sync with a small script and samba set "unix password > sync = yes" in your smb.conf. if you really want to use the > unix-passwords with samba you must not use encrypted passwords :-( > read ENCRYPTION.html in the samba-doc package for this problem. FYI samba can do 'ldap passwd sync' when it modifies the LDAP password directly with a modify_password LDAP operation. No need for scripts, passwd chat, etc. This works with the samba package in sid, it has to be patched, though, because the password change operation is no longer experimental in slapd v2.1 which is also in sid. -m- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Samba & LDAP
On Wed, Jun 04, 2003 at 11:48:13AM +0200, Hirling Endre wrote: > On Mon, 2003-06-02 at 16:35, Bastian Winkler wrote: > > if you are using samba with "--with-ldapsam", samba is looking for the > > lmPassword and ntPassword attributes in ldap. it is no problem to keep > > this password in sync with a small script and samba set "unix password > > sync = yes" in your smb.conf. if you really want to use the > > unix-passwords with samba you must not use encrypted passwords :-( > > read ENCRYPTION.html in the samba-doc package for this problem. > > FYI samba can do 'ldap passwd sync' when it modifies the LDAP password > directly with a modify_password LDAP operation. No need for scripts, > passwd chat, etc. This works with the samba package in sid, it has to be > patched, though, because the password change operation is no longer > experimental in slapd v2.1 which is also in sid. i know, this option is in samba since 3.0-alpha20. it works really great, but i my case samba-3.0-alpha was not stable enough for production use. does this option also work with kpasswd in openldap? i store my passwords in kerberos, its no problem to keep this in sync with "passwd chat" :wq buz
Re: Samba & LDAP
On Mon, 2003-06-02 at 16:35, Bastian Winkler wrote: > if you are using samba with "--with-ldapsam", samba is looking for the > lmPassword and ntPassword attributes in ldap. it is no problem to keep > this password in sync with a small script and samba set "unix password > sync = yes" in your smb.conf. if you really want to use the > unix-passwords with samba you must not use encrypted passwords :-( > read ENCRYPTION.html in the samba-doc package for this problem. FYI samba can do 'ldap passwd sync' when it modifies the LDAP password directly with a modify_password LDAP operation. No need for scripts, passwd chat, etc. This works with the samba package in sid, it has to be patched, though, because the password change operation is no longer experimental in slapd v2.1 which is also in sid. -m-
Re: Samba & LDAP
hi, On Mon, Jun 02, 2003 at 03:33:50PM +0200, Ghe Rivero wrote: > Hi! > I need a PDC for a win2k & linux network and i have a couple of > questions... > > 1.- Why i need packages to managed samba & ldap passwords at the same > time? I though that with the ldap directives in the smb.conf file was > enough. if you are using samba with "--with-ldapsam", samba is looking for the lmPassword and ntPassword attributes in ldap. it is no problem to keep this password in sync with a small script and samba set "unix password sync = yes" in your smb.conf. if you really want to use the unix-passwords with samba you must not use encrypted passwords :-( read ENCRYPTION.html in the samba-doc package for this problem. > > 2.- In the linux clients... how i managed to authentificated against > the smb server and to mount automatically the home directory of the > user? Or is better to authentificated against the ldap server? there is a way to authenticate windows-clients against the ldap server, but this is much client-work. simply use the samba-ldap installation as PDC and let the workstations join the domain. see Samba-LDAP-HOWTO.html in samba-doc or http://www.unav.es/cti/ldap-smb-howto.html buz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Samba & LDAP
See this: http://www.idealx.org/prj/samba/index.en.html --- Ghe Rivero <[EMAIL PROTECTED]> escribió: > Hi! > I need a PDC for a win2k & linux network and i have > a couple of > questions... > > 1.- Why i need packages to managed samba & ldap > passwords at the same > time? I though that with the ldap directives in the > smb.conf file was > enough. > > 2.- In the linux clients... how i managed to > authentificated against > the smb server and to mount automatically the home > directory of the > user? Or is better to authentificated against the > ldap server? > > Any suggestion is welcomed. > > -- > Ghe Rivero <[EMAIL PROTECTED]> > > > -- > To UNSUBSCRIBE, email to > [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > ___ Yahoo! Messenger - Nueva versión GRATIS Super Webcam, voz, caritas animadas, y más... http://messenger.yahoo.es -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Samba & LDAP
Hi! I need a PDC for a win2k & linux network and i have a couple of questions... 1.- Why i need packages to managed samba & ldap passwords at the same time? I though that with the ldap directives in the smb.conf file was enough. 2.- In the linux clients... how i managed to authentificated against the smb server and to mount automatically the home directory of the user? Or is better to authentificated against the ldap server? Any suggestion is welcomed. -- Ghe Rivero <[EMAIL PROTECTED]> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Samba & LDAP
hi, On Mon, Jun 02, 2003 at 03:33:50PM +0200, Ghe Rivero wrote: > Hi! > I need a PDC for a win2k & linux network and i have a couple of > questions... > > 1.- Why i need packages to managed samba & ldap passwords at the same > time? I though that with the ldap directives in the smb.conf file was > enough. if you are using samba with "--with-ldapsam", samba is looking for the lmPassword and ntPassword attributes in ldap. it is no problem to keep this password in sync with a small script and samba set "unix password sync = yes" in your smb.conf. if you really want to use the unix-passwords with samba you must not use encrypted passwords :-( read ENCRYPTION.html in the samba-doc package for this problem. > > 2.- In the linux clients... how i managed to authentificated against > the smb server and to mount automatically the home directory of the > user? Or is better to authentificated against the ldap server? there is a way to authenticate windows-clients against the ldap server, but this is much client-work. simply use the samba-ldap installation as PDC and let the workstations join the domain. see Samba-LDAP-HOWTO.html in samba-doc or http://www.unav.es/cti/ldap-smb-howto.html buz
Re: Samba & LDAP
See this: http://www.idealx.org/prj/samba/index.en.html --- Ghe Rivero <[EMAIL PROTECTED]> escribió: > Hi! > I need a PDC for a win2k & linux network and i have > a couple of > questions... > > 1.- Why i need packages to managed samba & ldap > passwords at the same > time? I though that with the ldap directives in the > smb.conf file was > enough. > > 2.- In the linux clients... how i managed to > authentificated against > the smb server and to mount automatically the home > directory of the > user? Or is better to authentificated against the > ldap server? > > Any suggestion is welcomed. > > -- > Ghe Rivero <[EMAIL PROTECTED]> > > > -- > To UNSUBSCRIBE, email to > [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > ___ Yahoo! Messenger - Nueva versión GRATIS Super Webcam, voz, caritas animadas, y más... http://messenger.yahoo.es
Samba & LDAP
Hi! I need a PDC for a win2k & linux network and i have a couple of questions... 1.- Why i need packages to managed samba & ldap passwords at the same time? I though that with the ldap directives in the smb.conf file was enough. 2.- In the linux clients... how i managed to authentificated against the smb server and to mount automatically the home directory of the user? Or is better to authentificated against the ldap server? Any suggestion is welcomed. -- Ghe Rivero <[EMAIL PROTECTED]>