Thanks William.
From all my research and testing I didn't think it could, but I wanted
the confirmation.
Someone mentioned using freeipa -- which has the password sync ability.
I'll look into the possibility of syncing my user/password
DB to freeipa and use it to authenticate samba shares.
I can't switch to freeipa outright since it doesn't support the hash
compatible with Google gsync.
Cheers,
On 3/7/19 5:55 PM, William Brown wrote:
> On 8 Mar 2019, at 07:11, Janet H <houser(a)nso.edu> wrote:
>
> I want to be able to change the LDAP password (userPassword) and have that then
update the sambaNTPassword.
>
> I have been googling for days and ran across the suggestion to use the smbkrb5pwd
overlay but that looks specific to openldap and not DS-389.
>
> I know there must be a way to update the userPassword field and have that push out to
the samba password but I can't find anything useful.
Sad to say, this feature is not available today. I have wanted to implement it for a
number of years due to the integration with freeradius for wifi, but it has just never
come up as a priority.
To do it “properly” we want to rearchitect the password handling in 389 to be more “pam
like” first, so that modules for this kind of functionality can be easier developed.
—
Sincerely,
William Brown
Software Engineer, 389 Directory Server
SUSE Labs
_______________________________________________
389-users mailing list -- 389-users(a)lists.fedoraproject.org
To unsubscribe send an email to 389-users-leave(a)lists.fedoraproject.org
Fedora Code of Conduct:
https://getfedora.org/code-of-conduct.html
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproje...
--
Dr. J.L. Houser
Senior Systems Administrator
National Solar Observatory
3665 Discovery Drive
Boulder, CO 80303
Office Phone: (303) 735-7357