[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Samba, ldap and adding machine accounts.

Anyone know samba details enough to give some answers to my questions?
I discussed this briefly on IRC, and I discovered that I am still
wondering how samba and Windows works.  Anyone got glues to spare?

If we move the Machines LDAP tree as a subtree of People, would it be
enough to give samba write access to the Machines tree, or does it
also need write access in People?  I suspect it need write access to
People too, but would like to have it verified.

During what kind of operations do samba need write access to the LDAP
tree?  I'm aware of these operations.  Are there others?

 - Adding a host to the SMB domain
 - Logging a user into a host in the SMB domain
 - Changing password of a user
 - Removing a host from the SMB domain

What attributes does it need to read and write to in LDAP and where in
the LDAP tree does it need to read and write during these operations?

Can we block password changes from windows, or can we make password
changes from windows update both the UNIX-hash and the windows hashes?
I do not want users to end up with different passwords on Windows and
UNIX.
Reply to: