Re: Unix auth via LDAP & now need to add Samba!

Ah, win->ldap authentication. :)

If you want Windows to authenticate off OpenLDAP, you'd have to use a GINA module on Windows. There are GINA modules out there that let you authenticate against an LDAP server.

Alternatively, you can also run an OpenLDAP replica with back-perl on your PDC and have the LDAP accounts sync'ed that way. That's what I'm working on. The NT user password changes get set to the LDAP server via a password dll on the PDC, while all other account changes are done on the main LDAP server.


David Wright wrote:

3) Suppose (horror horabilis) I were willing to give up the requirement that Unix passwords are stored in hashed form. Could I get Windows clients to authenticate off Unix passwords? I don't just mean for filesharing, but for user login -- the idea would be to replace Active Directory. How would this work in detail (i.e. do smbPassword and userPassword become a single attribute? or do I need some funky pam_ldap module modifications to make sure they are synched at all times?)