Re: samba, ldap and syncing authentication



Michael Cronenworth wrote:
> I have a Samba server acting as a PDC with Fedora Directory Server
> running as the LDAP server, which holds all the users and passwords of
> the domain. Everything is properly configured and running great.
> Changing passwords from within a Windows machine changes both NT and
> UNIX passwords.
> 
> However, I can't seem to find out how to sync NT and UNIX passwords from
> a Linux client. I can set my Linux client to use LDAP auth, but it only
> changes the UNIX password. I occasionally log in to a Windows VM and
> would like to use /one/ set of username and password credentials. I
> /cannot/ have two passwords (please, don't ask why). Right now I'm
> having to manually sync NT and UNIX passwords since my Linux client is
> my main machine.
> 
You are not going to find a way to easily sync the two password
lists for existing passwords. You would have to crack the passwords
in one list, and use that to change the passwords in the other list.
(It is probably easier to crack the NT passwords...)

> Yes, I know about smbldap-tools and that's what I have the PDC using,
> but I'm looking for a solution that uses the system "passwd" command to
> change passwords. If there is no other way, fine, just tell me and I'll
> use smbldap-tools on my Linux client.
> 
Take a look at using PAM for this. You will have to do some
searching, but there is a module you can add to /etc/pam.d/passwd so
that it will change the Samba password at the same time.
> 
> P.S. The Samba programmer who thought it would be awesome to have
> separate password keeping should be shot.
> 
It was not a Samba programmer. The only way to use the same password
database would be to use clear text passwords with Samba. The
problem is that Windows and Linux use two different password hashes,
so it does no good to compare the encrypted password that Windows
sends to the encrypted password in /etc/shadow. Both are "one way"
hashes, so you cannot easily get the password from the hash of the
password.

Mikkel
-- 

  Do not meddle in the affairs of dragons,
for thou art crunchy and taste good with Ketchup!
