Samba - password integration or synchronization
In my environment UNIX/Linux users, groups and passwords are contained in an Open LDAP server which distributes the information to NIS.
Samba is used to provide users a way to access their UNIX/Linux files from Windows clients.
Today the samba users are managed seperately, using the password file backend, which is a bit unconvenient. The linux techs need to manually create samba users on request, and users need to manage their samba password seperately from their global UNIX/Linux password.
In other words, I'm looking for some way to either integrate samba authentication into the existing infrastructure, meaning either LDAP or NIS. Or, create a functional way for samba passwords to be updated along with the UNIX/Linux password.
I know samba is capable of updating passwords when they are changed through CIFS, but in this case the users manage their password from the Linux side while Samba is only an auxiliary service.
To support the exisiting LDAP/NIS solution, the passwd command have been replaced by a script that commits password changes directly to LDAP.
One thinkable solution might be to use the ldap backend for samba, and modify the passwd script to also update a samba password that is stored in LDAP. Though, I'm not sure this is the way to go.
Is there anyone here who have implemented a working solution for this kind of environment? Or even if you haven't - any ideas you might have on the subject is very welcome.
|