Hi Folks,
I'm running DS-389 (version: 1.3.7.5 ; Build: 2018.178.1311) on a Cent
OS 7 (vs. 7.6.1810) system. I've been working through creating a Samba 4
server and using LDAP authentication to my DS-389 server. I've managed
to get through most everything but I'm running into an issue with how
passwords are working. From the Samba box I can user the command
"smbpasswd -a testuser" and it will change the Samba NT password
internal to the DS-389 system along with the LDAP userPassword. I can
then use this new password to login to linux systems using ssh and into
my Samba shares from a Windows 10 system. But this isn't how I want the
system to run..... I want to be able to change the LDAP password
(userPassword) and have that then update the sambaNTPassword. I have
been googling for days and ran across the suggestion to use the
smbkrb5pwd overlay but that looks specific to openldap and not DS-389. I
know there must be a way to update the userPassword field and have that
push out to the samba password but I can't find anything useful. I'm
hoping folks might have some suggestions on how to get the two passwords
to sync. My smb.conf file looks like the following (scrubbed for
security): # See smb.conf.example for a more detailed config file or #
read the smb.conf manpage. # Run 'testparm' to verify the config is
correct after # you modified it. [global] workgroup = SAMBA
security = user passdb backend =
ldapsam:ldap://192.168.1.10 ldap suffix = dc=abc,dc=edu
ldap user suffix = ou=People ldap group suffix = ou=Groups
ldap delete dn = no ldap admin dn = cn=Directory
Manager ldap passwd sync = Yes ldap ssl = start_tls
log level = 5 passdb:5 auth:5 printing = cups
printcap name = cups load printers = yes cups options =
raw unix charset = UTF-8 dos charset = CP932
hosts allow = 127. 192.168.1. # max protocol = SMB2 map to
guest = Bad User [homes] valid users = @smbgroup
browsable = no writable = yes [printers] comment = All
Printers path = /var/tmp printable = Yes create
mask = 0600 browseable = No [print$] comment = Printer
Drivers path = /var/lib/samba/drivers write list =
@printadmin root force group = @printadmin create mask =
0664 directory mask = 0775 [Anonymous share] path =
/samba/anonymous_share writable = yes browsable = yes
guest ok = yes guest only = yes create mode =
0777 directory mode = 0777 Thanks in advance!
Show replies by date