On Oct 11, 2007, at 1:05 PM, Buchan Milne wrote:
Maybe I was not clear enough. I am not looking for a tool to just change an LDAP password (I use ldappasswd for that currently, and it changes Samba passwords too via the smbk5passwd overlay) or provision accounts to LDAP etc. . I am looking for a solution to ensure that, whichever mechanisms I decide to allow for password changes (e.g. LDAP password change exop), all aspects related to the use of that password are updated consistently, for use via simple binds, authentication via Samba/NTLM/MSCHAPv2, and Kerberos. At present I see no means to accomplish this (at most you can get 2/3).
The OpenLDAP-specific solution would be write modules that would, after update of a directory password, would update whatever other systems you want updated.
Given this is the OpenLDAP Software list, I'll stop there.
-- Kurt