> -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] > Behalf Of Craig Jackson > Sent: Saturday, September 30, 2006 8:06 AM > To: [email protected] > Subject: RE: [Samba] Sync unix and samba passwords > > > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] > > Behalf Of Craig Jackson > > Sent: Friday, September 29, 2006 3:57 PM > > To: [email protected] > > Subject: [Samba] Sync unix and samba passwords > > > > > > Hi, > > > > We have an Exchange server (server 2003) that is a domain > > controller and > > a few Samba file servers that are not part of the Windows > domain. The > > Samba servers use their own LDAP directory ( ldapsam backend with > > pam_ldap ) that is synchronized to one openldap directory > > server but is > > not synchronized to the Windows domain AD. The workstations are all > > local accounts and not members of any domain either. I am happy with > > this arrangement despite having to enter user information twice and > > would rather not change it. > > > > Goal: I would like to use Services for Unix on the Windows AD > > controller > > to synchronize linux passwords so that the end user has to change > > password once for email/Samba and once for local computer. > > > > Problem: When Linux administrator issues the passwd command as in # > > passwd <username> the ldap userPassword attribute is > changed correctly > > but the Samba NT/LM passwords are not also changed. > > > > What I have already done: Googled the issue and found that > unix passwd > > sync in smb.conf is not what I need. Ldap passwd sync = yes is in > > smb.conf. I have found some info on pam_smbpass.so but do not have > > enough information to know if this is what I need and how to use it. > > > > Or can someone tell me if this will not work at all. Better ideas? > > > > Thanks! > > Craig > > -- > > > Samba docs say that pam_smbpass.so is in fact what I need and I have > added the following line to /etc/pam.d/common-passwd > > password required pam_smbpass.so nullok use_authtok try_first_pass > > But #passwd <user> doesn't sync the LDAP NT/LM passwords and > there is this > in the log: > > CRON[18769]: PAM adding faulty module: /lib/security/pam_smbpass.so > > According to Samba docs, pam_smbpass.so is used to keep the smbpasswd > (Samba password) database in sync, but does that really mean ONLY > smbpasswd or any Samba backend? >
#apt-get install pam_smbpass fixed the faulty module error -- DUH! but still no sync of LDAP smb passwords after changing unix password with passwd command. Using samba 3.022 on Ubuntu Dapper Is this the right list for this? Thanks. Craig -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
