[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ppolicy & sambaNTPassword



Ralf Zimmermann schrieb:
> Hi Christian,
> 
> * Christian Manal <moenoel@informatik.uni-bremen.de> [16.02.2010 16:05]:
>>> the option  'ldap passwd sync'  is set  to yes. I  will looking to  the overlay
>>> smbk5pwd again. But I think it will not resolve the problem because samba makes
>>> a modify for the samba attributes.
>>>
>>> We  have a  default  ppolicy.  But this  policy  works  only with  pwdAttribute
>>> userPassword not with  sambaNTPassword. The problem is, that a  User can change
>>> his password with a Windows Client.  The sambaNTPassword is always set whatever
>>> in the policy is configured.
>>>
>> If you set 'ldap passwd sync' to 'only' the Samba server triggers an
>> extended operation for password change and doesn't touch the Samba
>> attributes. smbk5pwd will take care of the Samba passwords.
>>
>>
>> Best regards,
>> Christian Manal
> 
> thanks, I take a  look at smbk5pwd. Must I install heimdal  kerberos? I need it
> only for samba and we have installed mit kerberos.
> 
>

You can disable Kerberos support in the Makefile.


Best regards,
Christian Manal