password synchronization with samba3
Christian
chanlists at googlemail.com
Mon Mar 3 03:54:08 EST 2014
>> we have an odd scenario here where we would like to synchronize
>> passwords in Kerberos with a Samba3 PDC. One option I see is the
>> kadm5_hook interface, so something like krb5-sync
>> (http://www.eyrie.org/~eagle/software/krb5-sync/) targeted at syncing
>> with samba3. Is anybody aware of projects or code or other options?
>
> I suspect that krb5-sync would just work. The password synchronization is
> done via the kpasswd protocol, which I'm fairly sure that Samba3 supports.
Hm. I was thinking about the NTLMv2 password... We have an existing
Samba3 NT4 style domain. Passwords are stored in the ldap backend, so
the kadm5_hook could just write to ldap.
In the long run, this is probably not a viable solution. I have looked
at samba4, but it looks like I would have to replace all the services
that work so well for our unix client now - openldap, kerberos, ...,
with samba just for the windows clients. What do other people do? Best,
Christian
More information about the Kerberos
mailing list