> ... I see that the samba password hashes are shown with a simple
> ldapsearch command. ...
I do not have this problem. My /etc/openldap/slapd.conf includes the lines at
the end of this message. The passwords are not visible via ldapsearch, yet the
Samba on the same machine can still access them (probably because it runs as
"root").
(The lines also include a provision for syncrepl replication, which probably
isn't relevant to Samba usage.)
-Chuck Kollars
### set up some restrictions to not make passwords visible
access to attrs=sambaLMPassword,sambaNTPassword,MMSNumber,userPassword
by dn.exact="cn=ReplicateUser,dc=ipswichschools,dc=org" read
by * auth
# Default read access to everything else
# (should be last to act as "default")
# (not optional - without this it doesn't work right)
access to *
by * read
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
