Jasper V. Ferrer wrote: > hi, i have three machines excellence, sapphire and integrity. excellence > runs samba and acts as a pdc for domain ferrer-lan. sapphire also runs > samba and is a member of domain ferrer-lan (security=domain). integrity > runs windowsxp and is also a member of domain ferrer-lan. > > samba on both excellence and sapphire has unix password sync enabled and > is syncing passwords just fine. so when i change password on integrity the > local linux password on excellence gets synced too. however this leaves me > with a different linux password on sapphire. > > since samba on sapphire is a member of domain ferrer-lan, is there a way > to automagically sync to the local linux password? on samba startup? > whenever connecting to samba on excellence? > > please help, thank you. >
This is a normal password sync problem that has plagued the nixes for years. However, there is some excellent tools out now-a-days that make this problem trivial. I run two Linux servers and two linux desktops in an otherwise all Windows network. I separate my linux logins into two categories: User Accounts; and System Accounts. System accounts are accounts such as: root; ftp; service; apache; mysql; and other such accounts that are system/server specific. For this I use the standard Unix password system and PAM. User accounts though are a different situation completely. For these, I use an OpenLDAP server with the nss_ldap and pam_ldap tools from padl.com. When set up correctly, all the user accounts will be visible via PAM authentication, and your password sync will store the data in LDAP. Therefore, a change in password in either location, will actually reflect on all nix or Mac computers using the LDAP for authentication. HTH Kevin Fries -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
