Le 23/09/2018 à 21:22, Ervin Hegedüs a écrit :
Hi,
On Thu, Sep 20, 2018 at 02:11:43PM +0100, Howard Chu wrote:
Ervin Hegedüs wrote:
Hi,
as I described in my previous thread[1], I have a web frontend tool, where user can modify its own password - here the password is a set of passwd attributes: userPassword, sambaNTPassword, sambaLMPassword.
Is there any way that when I give access to users to modify its own password, and the user wants to modify it through LDAP(S), instead of out web frontend, the samba passwords also updated (with correct hash algorithm)?
Use the smbk5pwd overlay.
I've tried it:
dn: cn=module,cn=config cn: module objectClass: olcModuleList olcModulePath: /usr/lib/ldap/ olcModuleLoad: smbk5pwd
dn: olcOverlay=smbk5pwd,olcDatabase={1}mdb,cn=config changetype: add objectClass: olcSmbK5PwdConfig objectClass: olcOverlayConfig objectClass: olcConfig objectClass: top olcOverlay: smbk5pwd olcSmbK5PwdEnable: samba
but when I changed the userPassword, the sambaNTPassword and sambaLMPassword attributes doesn't changed.
What did I missed?
smbk5pwd overlay only works if password change has been made with extended password modify operation (this operation is done with ldappasswd, not with ldapmodify).