Re: [Samba] SSHA password modified without smbpasswd
Ok i've used ldappasswd to change the password : LM et NT passwd i've been modified. I've a question related to smbpasswd which can change in my LDAP, userPassword and LM/NT password (ldap passwd sync=yes). But what command does it use if i've not set passwd program ? How can I find it ? Does it use by default ldappasswd ? In smb.conf passdb backend = ldapsam:ldap://172.18.0.8/ ldap passwd sync = yes # unix password sync = yes # passwd program = /usr/sbin/smbldap-passwd ?u %u ldap admin dn = cn=admin,dc=isc84,dc=org ldap delete dn = yes ldap ssl = off ldap suffix = ou=samba,dc=isc84,dc=org ldap user suffix = ou=Users ldap group suffix = ou=Groups ldap machine suffix = ou=Machines add user script = /usr/sbin/smbldap-useradd -m %u delete user script = /usr/sbin/smbldap-userdel %u add machine script = /usr/sbin/smbldap-useradd -w %u add group script = /usr/sbin/smbldap-groupadd -p %g delete group script = /usr/sbin/smbldap-groupdel %g add user to group script = /usr/sbin/smbldap-groupmod -m %u %g delete user from group script = /usr/sbin/smbldap-groupmod -x %u %g set primary group script = /usr/sbin/smbldap-usermod -g %g %u enable privileges = yes In smbldap.conf hash_encrypt=SSHA crypt_salt_format=%s with_smbpasswd=0 smbpasswd=/usr/bin/smbpasswd with_slappasswd=0 Le 19/04/2012 00:52, Andrew Bartlett a écrit : On Wed, 2012-04-18 at 17:25 +0200, Hervé Hénoch wrote: Thanks for the response, I've installed the overlay but how to test if it is running ? I've tried to modify userPassword directly or via my java program but neither LMpasswor nor NTpassword have been modified !!! So what i've missed ? You must use the password set/change extended operation, not a write to userPassword. Andrew Bartlett -- Hervé Hénoch Responsable informatique Institut Sainte Catherine 1750, chemin du Lavarin, 84000 Avignon Téléphone : 04.90.27.57.44 Messagerie : h.hen...@isc84.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] SSHA password modified without smbpasswd
On Thu, 2012-04-19 at 08:21 +0200, Hervé Hénoch wrote: Ok i've used ldappasswd to change the password : LM et NT passwd i've been modified. I've a question related to smbpasswd which can change in my LDAP, userPassword and LM/NT password (ldap passwd sync=yes). But what command does it use if i've not set passwd program ? How can I find it ? Does it use by default ldappasswd ? In smb.conf passdb backend = ldapsam:ldap://172.18.0.8/ ldap passwd sync = yes We have C code in Samba which makes the ldap password change extended operation, so no external program is required (this is more reliable in any case). Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] SSHA password modified without smbpasswd
Thanks for the response, I've installed the overlay but how to test if it is running ? I've tried to modify userPassword directly or via my java program but neither LMpasswor nor NTpassword have been modified !!! So what i've missed ? Regards Le 14/04/2012 00:57, Andrew Bartlett a écrit : On Fri, 2012-04-13 at 09:15 +0200, Hervé Hénoch wrote: Hello, I've the following goal to reach : modify the attribute userPassword via a Java method in a Samba LDAP tree. I successfully changed the SSHA password in the LDAP. But I can't open a session with this new password. It seems, that sambaNTPassword et sambaLMPassword must be changed too ... but i don't know how to do it ... There is an 'overlay' for OpenLDAP called smbk5pwd that will help here. Andrew Bartlett -- Hervé Hénoch Responsable informatique Institut Sainte Catherine 1750, chemin du Lavarin, 84000 Avignon Téléphone : 04.90.27.57.44 Messagerie : h.hen...@isc84.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] SSHA password modified without smbpasswd
On Wed, 2012-04-18 at 17:25 +0200, Hervé Hénoch wrote: Thanks for the response, I've installed the overlay but how to test if it is running ? I've tried to modify userPassword directly or via my java program but neither LMpasswor nor NTpassword have been modified !!! So what i've missed ? You must use the password set/change extended operation, not a write to userPassword. Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] SSHA password modified without smbpasswd
Hello, I've the following goal to reach : modify the attribute userPassword via a Java method in a Samba LDAP tree. I successfully changed the SSHA password in the LDAP. But I can't open a session with this new password. It seems, that sambaNTPassword et sambaLMPassword must be changed too ... but i don't know how to do it ... Any idea ? Regards -- Hervé Hénoch Responsable informatique Institut Sainte Catherine 1750, chemin du Lavarin, 84000 Avignon Téléphone : 04.90.27.57.44 Messagerie : h.hen...@isc84.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] SSHA password modified without smbpasswd
On Fri, 2012-04-13 at 09:15 +0200, Hervé Hénoch wrote: Hello, I've the following goal to reach : modify the attribute userPassword via a Java method in a Samba LDAP tree. I successfully changed the SSHA password in the LDAP. But I can't open a session with this new password. It seems, that sambaNTPassword et sambaLMPassword must be changed too ... but i don't know how to do it ... There is an 'overlay' for OpenLDAP called smbk5pwd that will help here. Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba