Hello
I am running openldap 2.4.18 (BDB 4.8.24). Both of which I compiled from source. I compiled smbk5pwd with support ONLY for samba. I am using the samba that is distributed with CentOS 5.3 (3.0.33)
openldap does not crash or complain when it launches so I assume that:
moduleload /usr/local/libexec/smbk5pwd.la
is at least loading up the module correctly.
I have a user with the sambaSamAccount objectclass.
I have configured PAM to change the LDAP userPassword when invoked from the command line with /usr/bin/passwd
The userPassword hash gets successfully updated and the values of the sambaNTPassword and sambaLMPassword hashes are changed, but I am unable to authenticate as a samba user against these hashes... and they look sorta weird:
010000000000000090c9c94100000000
when I would expect them to look more "complicated" like:
552902031BEDE9EFAAD3B435B51404EE
Does this smell of a smbk5pwd bug/problem/misconfiguration or a samba/ PAM one?
Thanks, Scott
On Wednesday, 30 September 2009 17:33:39 Scott Classen wrote:
> Hello
> I am running openldap 2.4.18 (BDB 4.8.24). Both of which I compiled from source. I compiled smbk5pwd with support ONLY for samba. I am using the samba that is distributed with CentOS 5.3 (3.0.33)
I use this module in my personal setup, and the last time I changed my password I had 2.4.17 installed, and my samba password works (and I am quite sure I didn't set it manually).
/me upgrades to 2.4.18 ...
On 2.4.18 (built from the same SRPM as the packages at http://staff.telkomsa.net/packages/rhel5/openldap/), it works for me:
[bgmilne@tiger ~]$ passwd
Changing password for user bgmilne.
Changing password for bgmilne.
Enter current password:
Enter login(LDAP) password:
New UNIX password:
Retype new UNIX password:
LDAP password information changed for bgmilne
passwd: all authentication tokens updated successfully.
[bgmilne@tiger ~]$ ldapwhoami -x -D uid=bgmilne,ou=People,dc=ranger,dc=dnsalias,dc=com -W
Enter LDAP Password:
dn:uid=bgmilne,ou=People,dc=ranger,dc=dnsalias,dc=com
[bgmilne@tiger ~]$ smbclient //localhost/bgmilne
Enter bgmilne's password:
Domain=[RANGER] OS=[Unix] Server=[Samba 3.4.1]
smb: >
> openldap does not crash or complain when it launches so I assume that:
> moduleload /usr/local/libexec/smbk5pwd.la
> is at least loading up the module correctly.
> I have a user with the sambaSamAccount objectclass.
> I have configured PAM to change the LDAP userPassword when invoked from the command line with /usr/bin/passwd
What is pam_password set to in /etc/ldap.conf ?
Have you tried this by changing the password with ldappasswd instead (which we know will do an LDAP password change exop, which pam_ldap should do only if pam_password is set to 'exop')?
> The userPassword hash gets successfully updated and the values of the sambaNTPassword and sambaLMPassword hashes are changed, but I am unable to authenticate as a samba user against these hashes... and they look sorta weird:
> 010000000000000090c9c94100000000
> when I would expect them to look more "complicated" like:
> 552902031BEDE9EFAAD3B435B51404EE
> Does this smell of a smbk5pwd bug/problem/misconfiguration or a samba/ PAM one?
Could be a combination; this is only going to work if pam_password is set to exop. If smbk5pwd gets a password hash, it shouldn't be setting any other hashes.
Regards, Buchan
I want to see some examples of replication with OpenLDAP. Does anyone know about it?
I have a PDC & BDC but I can't replicate the LDAP database.
Help.
regards
"Dominguez, Gaston Matias" gdominguez@eling.com.ar writes:
> I want to see some examples of replication with OpenLDAP. Does anyone know about it?
http://www.openldap.org/doc/admin24
-Dieter
I configured the PDC & BDC with Syncrepl but my BDC hasn't got the users that my PDC has.
Where can I view the replication log?
Thanks.
-----Original Message-----
From: openldap-technical-bounces+gdominguez=eling.com.ar@OpenLDAP.org [mailto:openldap-technical-bounces+gdominguez=eling.com.ar@OpenLDAP.org] On behalf of Dieter Kluenter
Sent: Saturday, October 3, 2009 02:37 a.m.
To: openldap-technical@openldap.org
Subject: Re: Replication LDAP between PBC & BDC
"Dominguez, Gaston Matias" gdominguez@eling.com.ar writes:
> I want to see some examples of replication with OpenLDAP. Does anyone know about it?
http://www.openldap.org/doc/admin24
-Dieter
"Dominguez, Gaston Matias" gdominguez@eling.com.ar writes:
> I configured the PDC & BDC with Syncrepl but my BDC hasn't got the users that my PDC has.
> Where can I view the replication log?
Run the consumer slapd with debugging mode sync:
slapd -d sync -h ldap:///
-Dieter