A few questions on the "ldap passwd sync" directive: http://www.unav.es/cti/ldap-smb/smb-ldap-3-howto.html#passwd_sync
ldap passwd sync = yes|no|only "This option is used to define whether or not Samba should sync the LDAP password with the NT and LM hashes for normal accounts..." (a) yes - Try to update the LDAP, NT and LM passwords and update the pwdLastSet time, (b) no - Do it like before, only update NT and LM passwords and update the pwdLastSet time, (c) only - Only update the LDAP password and let the LDAP server doing the rest. Now, assuming my samba box is a PDC (to mixed 98, NT, 2K, XP) running in LDAP mode and I'm using pam_ldap or pam_krb5 for unix authentication... 1. How does option (c) work - what is the effective difference between (c) and (a) - how does the LDAP server do the rest - what is "the rest"? 2. If LDAP is using KERBEROS authentication will the kerberos password get updated when the user changes her SAMBA password. 3. What if a unix user changes their password via passwd on the console - will both the SAMBA and KERBEROS passwords get updates? Thanks -- Simon Oliver -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba