[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: More password synchronzation

To: "Simon Oliver" <s.oliver@umist.ac.uk>
Subject: Re: More password synchronzation
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Fri, 02 Apr 2004 07:03:24 -0800
Cc: <OpenLDAP-software@OpenLDAP.org>
In-reply-to: <001401c418c1$2267cfc0$a06e5882@bi.umist.ac.uk>
References: <009101c41713$217bde80$a06e5882@bi.umist.ac.uk> <001401c418c1$2267cfc0$a06e5882@bi.umist.ac.uk>

At 06:45 AM 4/2/2004, Simon Oliver wrote:
>A few questions on the "ldap passwd sync" directive:

seems like a question you should take to a samba mailing list.


>http://www.unav.es/cti/ldap-smb/smb-ldap-3-howto.html#passwd_sync
>
>ldap passwd sync = yes|no|only
>
>"This option is used to define whether or not Samba should sync the LDAP
>password with the NT and LM hashes for normal accounts..."
>
>(a) yes - Try to update the LDAP, NT and LM passwords and update the
>pwdLastSet time,
>(b) no - Do it like before, only update NT and LM passwords and update the
>pwdLastSet time,
>(c) only - Only update the LDAP password and let the LDAP server doing the
>rest.
>
>Now, assuming my samba box is a PDC (to mixed 98, NT, 2K, XP) running in
>LDAP mode and I'm using pam_ldap or pam_krb5 for unix authentication...
>
>1. How does option (c) work - what is the effective difference between (c)
>and (a) - how does the LDAP server do the rest - what is "the rest"?
>
>2. If LDAP is using KERBEROS authentication will the kerberos password get
>updated when the user changes her SAMBA password.
>
>3. What if a unix user changes their password via passwd on the console -
>will both the SAMBA and KERBEROS passwords get updates?
>
>Thanks
>
>-- 
>  Simon Oliver

References:
- More password synchronzation
  - From: "Simon Oliver" <s.oliver@umist.ac.uk>

Prev by Date: More password synchronzation
Next by Date: Re: LDBM verse BDM
Index(es):
- Chronological
- Thread