On 14/11/11 15:22 +0100, Francesco Storti wrote:
Hi, I am using both syncrepl (for replication) and smbk5pwd (for password synchronisation between samba and ldap account) overlays. I have configured replication in the simplest way: a read-only producer that forwards updates to the provider thought updateref. If I change my password thought passwd command on a client with pam modules configured for gaining information from the provider everything works fine (userPassword, sambaLMPassword and sambaNTPassword are correctly syncronized). Instead, if I change my password thought passwd command on another client with pam modules configured for gaining information from the consumer only the userPassword is changed. I do not understand why. Has someone experimented the same problem? Thank you in advance.
The smbk5pwd only takes effect when performing a password Extended Operation (see the smbk5pwd/README file in the source). On the systems where 'passwd' is not doing the correct thing, verify that your ldap pam config is performing an ExOp, and not just overwriting userPassword.
I am performing replication without any issues with the samba/kerberos attributes propagating.