Samba entries in openldap

List overview All Threads
Download

newer

older

ldap hot standby/backup

Re: Migrating openldap db backend...

Chechu

20 Feb 2007 20 Feb '07

3:30 p.m.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

Hi, my question is the next:

I want the entries sambaLMPassword sambaNTPassword to point kerberos kdc, like userPassword does...but openldap is unable to do..and I'd like to modify this ...someone can guide me to change it?

thanks

...PGP SIGNATURE...

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFF24R/u1kTJztljjMRAntCAJ9b/1xKmI+wBHiKpyiE+MC7gZVVwgCeJCjV t8YjQrmTbj6V9rzg9gStX9I= =8Rjv -----END PGP SIGNATURE-----

Show replies by date

Howard Chu

22 Feb 22 Feb

6:36 a.m.

Chechu wrote:

...

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

Hi, my question is the next:

I want the entries sambaLMPassword sambaNTPassword to point kerberos kdc, like userPassword does...but openldap is unable to do..and I'd like to modify this ...someone can guide me to change it?

Don't cross-post, one mailing list is enough.

OpenLDAP can support sambaLMpassword, sambaNTpassword, Kerberos keys, and regular userPassword, using the smbk5pwd overlay. It's in the contrib/slapd-modules directory of the source tree.

-- -- Howard Chu Chief Architect, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc Chief Architect, OpenLDAP http://www.openldap.org/project/

Andreas Hasenack

9:31 a.m.

On Thursday 22 February 2007 12:36:22 Howard Chu wrote:

...

Chechu wrote:

...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

Hi, my question is the next:

I want the entries sambaLMPassword sambaNTPassword to point kerberos kdc, like userPassword does...but openldap is unable to do..and I'd like to modify this ...someone can guide me to change it?

Don't cross-post, one mailing list is enough.

OpenLDAP can support sambaLMpassword, sambaNTpassword, Kerberos keys, and regular userPassword, using the smbk5pwd overlay. It's in the contrib/slapd-modules directory of the source tree.

On a related note, and just out of the top of my head, could openldap use the sambaNTPassword and sambaLMPassword hashes for simple bind?

Carlos Eduardo Pedroza Santiviago

26 Feb 26 Feb

11:15 a.m.

Hi,

On 2/22/07, Andreas Hasenack ahasenack@terra.com.br wrote:

...

On Thursday 22 February 2007 12:36:22 Howard Chu wrote:

...
Chechu wrote:

[...]

...

On a related note, and just out of the top of my head, could openldap use the sambaNTPassword and sambaLMPassword hashes for simple bind?

Any info on this?

thanks,

-- Carlos Eduardo Pedroza Santiviago

Howard Chu

2:41 p.m.

Carlos Eduardo Pedroza Santiviago wrote:

...

Hi,

On 2/22/07, Andreas Hasenack ahasenack@terra.com.br wrote:

...
On Thursday 22 February 2007 12:36:22 Howard Chu wrote:

...
Chechu wrote:

[...]

...
On a related note, and just out of the top of my head, could openldap use the sambaNTPassword and sambaLMPassword hashes for simple bind?

Any info on this?

You could write an overlay that intercepts Bind operations and compares against those attributes if you wish. The stock code only compares against userPassword.

-- -- Howard Chu Chief Architect, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc Chief Architect, OpenLDAP http://www.openldap.org/project/

Hallvard B Furuseth

2:55 p.m.

Howard Chu writes:

...

You could write an overlay that intercepts Bind operations and compares against those attributes if you wish. The stock code only compares against userPassword.

...and combine it with contrib/slapd-modules/smbk5pwd/, so the Password Modify operation will work right.

-- Regards, Hallvard

6509

Age (days ago)

6515

Last active (days ago)

openldap-software@openldap.org

5 comments

5 participants

tags (0)

participants (5)

Andreas Hasenack
Carlos Eduardo Pedroza Santiviago
Chechu
Hallvard B Furuseth
Howard Chu