Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
I would like somebody to clarify me the options I have to integrate a Samba fileserver running under Debian with openldap.
We have an openldap server that we manage with a custom web interface we developed. Users have unixAccount object class and their password is stored encrypted via SSH on the userPassword attribute.
As far as I understand, there are two options:
1) Set up samba as described everywhere and add to each user the sambaSamAccount object class and the sambaLMPassword and sambaNTPassword attributes. That would work perfectly but the problem I see is that both of these password attributes are like "clear text" because they are weakly encrypted and this would also force everyone to change his password.
2) Set up samba to authenticate against pam, having pam to work with ldap. Would be perfect but the problem is that it seems that you have to force the clients to not send the password encrypted, and in order to each client computer to do that, you will have to tweak its registry......
The only thing I want is to authenticate the password against the ldap instead of the smbpasswd file. Why the samba daemon can't just do a bind with the supplied password against the ldap server like postfix, courier-imap, etc,etc??
Do I have any other option or any way to workaround the problems described here?