[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Unix auth via LDAP & now need to add Samba!

To: David Wright <ichbin@shadlen.org>
Subject: Re: Unix auth via LDAP & now need to add Samba!
From: "Kervin L. Pierre" <kervin@blueprint-tech.com>
Date: Tue, 30 Apr 2002 14:54:41 -0400
Cc: Adam Williams6 <awilliam@whitemice.org>, ". ." <libogen@hotmail.com>, openldap-software@OpenLDAP.org
References: <Pine.LNX.4.44.0204301111560.12135-100000@monk.shadlen.org>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0rc2) Gecko/20020430

Ah, win->ldap authentication. :)

If you want Windows to authenticate off OpenLDAP, you'd have to use a GINA module on windows. There are GINA modules out there that let you authenticate against a LDAP server.

Alternatively, you can also run a OpenLDAP replica with back-perl on your PDC and have the LDAP accounts sync'ed that way. That's what I'm working on. The NT user passwords changes get set to the LDAP server via a password dll on the PDC, while all other account changes are done on the main LDAP server.

--Kervin

David Wright wrote:


3) Suppose (horror horabilis) I were willing to give up the requirement
that Unix passwords are stored in hashed form. Could I get Windows clients
to authenticate off Unix passwords? I don't just mean for filesharing, but
for user login -- the idea would be to replace Active Directory. How would
this work in detail (i.e. do smbPassword and userPassword become a single
attribute? or do I need some funky pam_ldap module modifications to make
sure they are synched at all times?)

References:
- Re: Unix auth via LDAP & now need to add Samba!
  - From: David Wright <ichbin@shadlen.org>

Prev by Date: Re: memberOf attribute: part of LDAP v3 standard ?
Next by Date: DLLs
Index(es):
- Chronological
- Thread