"Bradley W. Langhorst" wrote: > > In the interest of not having password divergence between NT and unix > I've got everything authenticating against and ldap database. > > samba password updates are not a problem - i just > use the unix password syncing features. > > however the other direction is proving to be a problem. > I can rig pam to update both passwords with pam_ldap and pam_smbpass > on machines that run samba. On some machines I don't want to run samba > but i still want to provide passwd updates. > > I've considered and rejected pam_smb and pam_ntdom > since they don't seem to have the password updating features (just auth > features).
pam_winbind does password changes. > I'd rather have the samba stuff updated by an exop on the ldap server > but i don't think that is possible since the ldap server would have to > know how to generate NT and LM hashes If you are into this kind of thing, I think it would be very nice. I've recectly added the support to pdb_ldap to call such a routine - which would allow Samba to do only one password set, allowing the ldap server to deal with the rest. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba