[Date Prev][Date Next]
Re: Unix auth via LDAP & now need to add Samba!
Ah, win->ldap authentication. :)
If you want Windows to authenticate off OpenLDAP, you'd have to use a
GINA module on windows. There are GINA modules out there that let you
authenticate against a LDAP server.
Alternatively, you can also run a OpenLDAP replica with back-perl on
your PDC and have the LDAP accounts sync'ed that way. That's what I'm
working on. The NT user passwords changes get set to the LDAP server
via a password dll on the PDC, while all other account changes are done
on the main LDAP server.
David Wright wrote:
3) Suppose (horror horabilis) I were willing to give up the requirement
that Unix passwords are stored in hashed form. Could I get Windows clients
to authenticate off Unix passwords? I don't just mean for filesharing, but
for user login -- the idea would be to replace Active Directory. How would
this work in detail (i.e. do smbPassword and userPassword become a single
attribute? or do I need some funky pam_ldap module modifications to make
sure they are synched at all times?)