Hello Daniel, I don't talk about Windows users. I talk about Unix (Linux) users that have shell access to the server where they can run smbldap-passwd.
I am afraid you answered the wrong question. I ask how to prevent users with shell access to where smnldap-passwd is installed from viewing the file smbldap_bind.conf. Revoking shell access/setting smbldap-passwd as shell is out of question. Sincerely, Konstantin 12.01.2011 14:29, Daniel Müller пишет: > ???? > On your windows client strg+alt+entf > Change password. > The users will never see this password in smbldap_bind.conf. > > > > ----------------------------------------------- > EDV Daniel Müller > > Leitung EDV > Tropenklinik Paul-Lechler-Krankenhaus > Paul-Lechler-Str. 24 > 72076 Tübingen > > Tel.: 07071/206-463, Fax: 07071/206-499 > eMail: [email protected] > Internet: www.tropenklinik.de > ----------------------------------------------- > > -----Ursprüngliche Nachricht----- > Von: [email protected] [mailto:[email protected]] Im > Auftrag von Konstantin Boyandin > Gesendet: Mittwoch, 12. Januar 2011 08:50 > An: [email protected] > Betreff: [Samba] smbldap-tools security: how to keep passwords in > smbldap_bind.conf secure? > > Hello, > > On > http://wiki.samba.org/index.php/4.0:_User_Management > it is described how to set up and use smbldap-tools package. The > question is, how to hide master passwords in such a case? > > smbldap-passwd may be called by non-root; thus, > /etc/smbldap-tools/smbldap_bind>conf > must be world-readable, and it keeps the passwords as plain text. > > How can I allow users to change their passwords with smbldap-passwd > without compromising the security? > > Thanks. > Sincerely, > Konstantin -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
