[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Propagation of LDAP passwrod change to samba system
- To: Michael Ströder <michael@stroeder.com>
- Subject: Re: Propagation of LDAP passwrod change to samba system
- From: pcinformace pcinformace <pcinformace@gmail.com>
- Date: Tue, 3 Nov 2009 13:10:30 +0100
- Cc: openldap-technical@openldap.org
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=DWfFRVuy9JvNsa8x4ReP4GFNpFZk+xIf2mRWYUNGUFk=; b=ow0UhqquCLz/LbUDzC/81aIYdLvH1gV0zDLSfuwat9wLAnO14fpx1vVqgxAXxWlUdH /IPDZf1CFHWjqNNF7wme2ZE7Blplou4iNUu6ksiACpcAfnVe4RzwVYq3EPULHBSmlxVX GEx8B1mQyerZoKSiPGFATogQL+Ziw8Vtt4iww=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=UbnL0b8N4WqgsKItxD1p3GHUmnzPmjzdX7gM192XiiD6ozwtDyR9ovx0qWaHr5smYi YhZp2QeP29MfblZuwb/qUM84SuXwt5cjXyui4hxFmSkpepNyjEzhAzZ2cAgp99st1UK9 pM2VGwZEDHVYne5Zx4Wrls7RbdX3Jag1v9JZY=
- In-reply-to: <4AEFD296.2030702@stroeder.com>
- References: <d9ee01180911020603n6b4c3c14kab862f552f47f9a4@mail.gmail.com> <4AEFD296.2030702@stroeder.com>
Thank you for commnet
yes it is 3.2.5 regural package in Lenny.
dpkg -l | grep samba
ii samba 2:3.2.5-4lenny7 a
LanManager-like file and printer server for Unix
ii samba-common 2:3.2.5-4lenny7 Samba
common files used by both the server and the client
ii samba-doc 2:3.2.5-4lenny7 Samba
documentation
server:/etc/samba# dpkg -l | grep ldap
ii ldap-utils 2.4.11-1
OpenLDAP utilities
ii libldap-2.4-2 2.4.11-1
OpenLDAP libraries
ii libnss-ldap 261-2.1 NSS
module for using LDAP as a naming service
ii libpam-ldap 184-4.2
Pluggable Authentication Module for LDAP
I know this stuff is very complex and I am trying to set it up step by
step, but I really do not undersand what causing error
smbpasswd
Old SMB password:
New SMB password:
Retype new SMB password:
machine 127.0.0.1 rejected the tconX on the IPC$ share. Error was :
NT_STATUS_ACCESS_DENIED.
Failed to change password for test1
when I logged to system usning ssh and as user1.
I understand that smbpasswd by default look for ip address
127.0.0.1/localhost but I am getting same error in case I set up
127.0.0.1/8 in smb.conf
Also I tried to change samba password for user1 using
smbpasswd -r 192.168.1.201 ( 192.168.1.201 is stated it smb.conf as
interface will bind to, ) but again same problem
What is tconX, I did not defined it, what ir set up IPC$....
regards, thanks
2009/11/3 Michael Ströder <michael@stroeder.com>:
> pcinformace pcinformace wrote:
>> I am trying to set up LDAP + SAMBA
>
> I assume this is Samba3. Is it an OpenLDAP server?
>
>> Question is how can I make it reversible, so when I change password
>> connected via ssh to be propagated to samba system and to use that new
>> password for accessing samba shares.
>
> For the LDAP bind (used by ssh) the attribute 'userPassword' has to be set
> when changing the password. For Samba3 the attribute(s) sambaNTPassword (and
> optionally sambaLMPassword) have to be set with a pre-calculated hash.
>
> I'd recommend to set up OpenLDAP with overlay slapo-smbk5pwd which you have to
> build separately and is found in directory contrib/slapd-modules/smbk5pwd of
> the source distribution. This overlay intercepts the Password Modify extended
> operation and sets userPassword and the Samba password attribute(s). So you
> have to tell pam_ldap to use ext. op. when setting a new password.
>
> Ciao, Michael.
>
> --
> Michael Ströder
> E-Mail: michael@stroeder.com
> http://www.stroeder.com
>
>