On Monday, 2 November 2009 15:03:29 pcinformace pcinformace wrote:
I am trying to set up LDAP + SAMBA to propagate password in both directions
but unfortunately I have some small issues I do not know how to resolve.
I set up LDAP and SAMBA server and I can connect to them ( all on one
I can connect to samba server and browse shares with
smbclient //192.168.1.199/home -U user100
Also I can connect using ssh user100(a)192.168.1.199 ( wirt password I
set up for user100 in LDAP system )
where user "user100" is added to samba conf as samba user but its
origin is from LDAP and it is is
originally added using
ldapadd -c -x -D cn=admin,dc=testdomain,dc=net -W -f user100.ldif
ldappasswd -x -D cn=admin,dc=testdomain,dc=net -W -S
I can change password for user "user100" once logged over ssh using
"passwd" and this new password apply only on LDAP part,
If you enabled the smbk5pwd overlay, and assuming you are using pam_ldap, and
have configured pam_ldap to use the LDAP password modify extended operation to
change passwords ("pam_password exop"), then this would change the samba
When logged over ssh to LDAM-SAMBA server as user "user100"
to change password using smbpasswd I am getting error like
Old SMB password:
New SMB password:
Retype new SMB password:
Unable to connect to SMB server on machine 127.0.0.1. Error was :
Failed to change password for user100
I do not have address 127.0.0.1 set anywhere in samba configuration
See the -r option to smbpasswd.
OS is debian stable and all packages are debian's ones
Let's hope debian ships smbk5pwd overlay (other distros do ....).