Any volunteers? Mark McLoughlin posted some pyldap code that does this, and I believe OpenLDAP has a samba module/overlay that does this.
Roger Spencer wrote:
Craig White wrote:<..snip..>---- I am unclear how you are doing authentication by Windows users to the network in a normal login...via AD? anyway, my inclination is to setup Fedora-DS to use samba schema http://directory.fedora.redhat.com/wiki/Howto:Samba as that would give you a sambaNTPassword attribute which is normally the hashed password as expected but how that relates to question #2...updating the hash when the user changes their password...I suppose that would depend upon the chain of events that occur where/when the user changes their password...how is this information going to be sent to fedora-ds? Craig -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-usersWhen I arrived on the scene, network authentication for windows clients consisted of setting a local user id and password on a PC and setting the same user id and password on a stand-alone samba server. Of course, users had different ids for email, vpn, shared-keys for wireless, etc. and passwords never changed (there was a partial NIS setup going, so all was not bleak).What I'm doing is consolidating it all into FDS with the benifit of a password policy. The samba schema worked great and also gets samba using FDS for authentication. But this leaves one question: what to do about having two sets of passwords in FDS?With samba running as an NT domain controller, and having PCs join the domain, samba should take care of keeping the sambantpassord correct when a Windows user changes their password. But what of the userpassord attribute? What happens when that same user does an ssh session into a Linux server, which if I understand correctly, will use the userpassword attribute for authentication?Is there a way to keep the two password attributes in sync? I'm not sure if it's possible to have all devices needing to do authentication to use the NT style.------------------------------------------------------------------------ -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
-- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
