> > I'm running samba3 Using OID (Oracle Internet Directory) as backend, almost > > works ok, but the final trick that doesn't work is the change of the > > passwords from windows dialog box, this change the samba passwords but > > don't change the userpassword, i have found this line on samba logs files: > > ldap password change requested, but LDAP server does not support it -- > > ignoring. > windows "password change dialog" modifies LM and NT hashes (probably, just > NT one), changing of "user password" can be achived in two ways: > 1) modifying UserPassword attribute (ldapmodify request, which is standard > one) > 2) some special request sich as "extended operation" in OpenLDAP, non > standard requests.
"extended operations" are not "non-standard", although they may or may not be implemented by a particular DSA. You can determine the 'exops' supported by your DSA by looking at the rootDSA. Samba should be able to sync the password and lm and ht hashes by itself. Just set the "ldap passwd sync = yes" directive, see the smb.conf for he possible settings (yes, no, and only ?). This will work with or without exop password change support. > > And i found in samba.org fourum that this problem is solved with this ACL: > > access to dn.base="" by * read. > > Already i have put them, but doesn't works, Anybody help me? What does you root DSE look like?
signature.asc
Description: This is a digitally signed message part
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
