> >>> I'm running samba3 Using OID (Oracle Internet Directory) as backend, > >>> almost works ok, but the final trick that doesn't work is the change of > >>> the passwords from windows dialog box, this change the samba passwords > >>> but don't change the userpassword, i have found this line on samba logs > >>> files: > >>> ldap password change requested, but LDAP server does not support it -- > >>> ignoring. > >> windows "password change dialog" modifies LM and NT hashes (probably, just > >> NT one), changing of "user password" can be achived in two ways: > >> 1) modifying UserPassword attribute (ldapmodify request, which is standard > >> one) > >> 2) some special request sich as "extended operation" in OpenLDAP, non > >> standard requests. > > "extended operations" are not "non-standard", although they may or may > > not be implemented by a particular DSA. You can determine the 'exops' > > supported by your DSA by looking at the rootDSA. > where can I read more about "rootDSA" ? > Google seems to know almost nothing about it.
sorry, it is "rootDSE" > > Samba should be able to sync the password and lm and ht hashes by > > itself. Just set the "ldap passwd sync = yes" directive, see the > > smb.conf for he possible settings (yes, no, and only ?). This will work > > with or without exop password change support. > >>> And i found in samba.org fourum that this problem is solved with this ACL: > >>> access to dn.base="" by * read. > >>> Already i have put them, but doesn't works, Anybody help me? > > What does you root DSE look like?
signature.asc
Description: This is a digitally signed message part
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
