[Date Prev][Date Next]
Re: Getting OpenLDAP to auth users against sambaNTPassword
Sorry if I'm late regarding this thread but I'm a lurker.
Recently a customer asked for synchronizing NT SAM data (accounts and
passwords) and a openldap server. Password sync must be on-line, but
accounts can be done in batch mode (on-line is desirable, but not a must)
We have different solutions for password sync and the 'standard one'
seems to be:
CYRUS SASL V 2.1.7
pam_winbind (included in the SAMBA package)
as stated in:
but as some one said here 'it must be easier than this'. Is it possible
with the 2.2 SLAPI plug-in architecture to get the data from the NT domain
in the same way pam_winbind does (coding PAM in the plugin or moving the
code from the pam_winbind to the SLAPI plugin).
Can I hook change password operations to do the same change password
operation in the NT domain?
Suppose I need it now, and 2.2 is still not 'production code'. What can I
do with 2.1?
Is it possible to stack backends in 2.1? Other possibility is coding a
back-passwd-winnt to filter the password related operations and let the
rest pass-thru to the main backend.