> On 9 Mar 2019, at 01:17, Gordon Messmer wrote:
>
> On 3/8/19 4:58 AM, Janet Houser wrote:
>> Thanks!
>>
>> I read that but I can't switch to freeipa since that software doesn support
>> a hash needed with gsync.
>>
>> h.. I wonder if I could sync the user/password DB to freeipa
Thanks for the suggestion about Google Cloud and SAML auth. I'll look
into that.
Cheers,
On 3/8/19 8:17 AM, Gordon Messmer wrote:
On 3/8/19 4:58 AM, Janet Houser wrote:
Thanks!
I read that but I can't switch to freeipa since that software doesn
support a hash needed with gsync.
On 3/8/19 4:58 AM, Janet Houser wrote:
Thanks!
I read that but I can't switch to freeipa since that software doesn
support a hash needed with gsync.
h.. I wonder if I could sync the user/password DB to freeipa
and then use that to serve out samba shares.
I don't think
Thanks William.
From all my research and testing I didn't think it could, but I wanted
the confirmation.
Someone mentioned using freeipa -- which has the password sync ability.
I'll look into the possibility of syncing my user/password
DB to freeipa and use it to authenticate samba shares.
On 3/7/19 9:17 PM, William Brown wrote:
It uses the ipaNTHash field, and I don’t know if it’s in a samba compatible
format. Samba with IPA uses krb5 for security generally rather than reading the
NT hash IIRC.
It must be a compatible format, because I have a Samba server that
authenticates
> On 8 Mar 2019, at 14:50, Gordon Messmer wrote:
>
> On 3/7/19 1:11 PM, Janet H wrote:
>> I want to be able to change the LDAP password (userPassword) and have that
>> then update the sambaNTPassword.
>
>
> I believe FreeIPA (which is built on 389 DS) will do that when you install it
>
On 3/7/19 1:11 PM, Janet H wrote:
I want to be able to change the LDAP password (userPassword) and have that then
update the sambaNTPassword.
I believe FreeIPA (which is built on 389 DS) will do that when you
install it with "--setup-adtrust"
This document might be sufficient:
> On 8 Mar 2019, at 07:11, Janet H wrote:
>
> I want to be able to change the LDAP password (userPassword) and have that
> then update the sambaNTPassword.
>
> I have been googling for days and ran across the suggestion to use the
> smbkrb5pwd overlay but that looks specific to openldap and