[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: smbk5pwd and ppolicy working together

To: openldap-software <openldap-software@openldap.org>
Subject: Re: smbk5pwd and ppolicy working together
From: Adam Tauno Williams <adamtaunowilliams@gmail.com>
Date: Thu, 03 Apr 2008 15:14:29 -0400
In-reply-to: <47F51F1C.70902@archer-group.com>
References: <47F27B2A.5060607@archer-group.com> <47F28040.90304@tranquil-it-systems.fr> <47F28816.3010504@archer-group.com> <47F29112.3040909@archer-group.com> <1207085230.24284.44.camel@localhost> <47F2AB5A.2020401@archer-group.com> <1207145959.7936.13.camel@WM_ADAM1.morrison.iserv.net> <47F3BA17.3090205@archer-group.com> <47F491D0.8090001@symas.com> <47F4FEEE.80708@archer-group.com> <47F5072E.1030109@symas.com> <47F51F1C.70902@archer-group.com>

> Ok - I'll create an LDAP user specifically for changing passwords, and
> set that as my "ldap admin dn" in the smb.conf, so the change won't be
> done by the rootdn, as recommended by Adam and yourself.  I'll then
> create an entry in the slapd.conf like the one below and give that a shot.

Excellent,  I'm very interested to see what happens at that point.

> >> # ACL's
> >> access to
> >> attrs=userPassword,sambaNTPassword,sambaLMPassword,shadowLastChange,shadowMax,sambaPwdLastSet,sambaPwdMustChange
> >>     by   self    write
> >>     by   *       auth
>     access to
> attrs=userPassword,sambaNTPassword,sambaLMPassword,shadowLastChange,shadowMax,sambaPwdLastSet,sambaPwdMustChange,pwdChangedTime,pwdHistory
>           by dn="cn=pwchanger,dc=example,dc=com" write
> >> access to *
> >>     by   *       read

-- 
Adam Tauno Williams, Network & Systems Administrator
Consultant - http://www.whitemiceconsulting.com
Developer - http://www.opengroupware.org

Follow-Ups:
- Re: smbk5pwd and ppolicy working together
  - From: Ryan Steele <rsteele@archer-group.com>

References:
- smbk5pwd and ppolicy working together
  - From: Ryan Steele <rsteele@archer-group.com>
- Re: smbk5pwd and ppolicy working together
  - From: Pat Riehecky <prieheck@iwu.edu>
- Re: smbk5pwd and ppolicy working together
  - From: Ryan Steele <rsteele@archer-group.com>
- Re: smbk5pwd and ppolicy working together
  - From: Adam Tauno Williams <adamtaunowilliams@gmail.com>
- Re: smbk5pwd and ppolicy working together
  - From: Ryan Steele <rsteele@archer-group.com>
- Re: smbk5pwd and ppolicy working together
  - From: Howard Chu <hyc@symas.com>
- Re: smbk5pwd and ppolicy working together
  - From: Ryan Steele <rsteele@archer-group.com>
- Re: smbk5pwd and ppolicy working together
  - From: Howard Chu <hyc@symas.com>
- Re: smbk5pwd and ppolicy working together
  - From: Ryan Steele <rsteele@archer-group.com>

Prev by Date: Re: smbk5pwd and ppolicy working together
Next by Date: Re: smbk5pwd and ppolicy working together
Index(es):
- Chronological
- Thread