[sork] samba ldap passwd driver

Shane Boulter sboulter at ariasolutions.com
Thu May 6 08:46:17 PDT 2004


oops...let me try that again...hopefully here are both again.

shane



Jan Schneider wrote:
> Zitat von Shane Boulter <sboulter at ariasolutions.com>:
> 
>> Hi all here is a passwd driver to change the ldap, samba nt and lm
>> password stored in ldap.  It's basically just a modified version of the
>> ldap driver with two more modify statements.  It also requires the
>> mkntpwd binary and that is documented in the backends.php.dist file.
> 
> 
> You only attached the patch to backends.php.dist, not the driver itself.
> 
> Jan.
> 
> -- 
> http://www.horde.org - The Horde Project
> http://www.ammma.de - Neue Wege des Lernens
> http://www.tip4all.de - Deine private Tippgemeinschaft
-------------- next part --------------
--- backends.php.dist	Wed May  5 05:21:39 2004
+++ backends.php.new	Wed May  5 05:25:54 2004
@@ -41,6 +41,7 @@
  * driver:    The Passwd driver used to change the password. Valid
  *            Valid values are currently:
  *              ldap         Change the password on a ldap server
+ *		smbldap	     Change the password on a ldap server for both ldap and samba auth
  *              sql          Change the password for sql authentication
  *                           (exim, pam_mysql, horde)
  *              poppassd     Change the password via a poppassd server
@@ -166,6 +167,32 @@
 	'tls' => false // make sure the host == cn in the server certificate
     )
 );
+
+// NOTE: to set the ldap userdn, see horde/config/hooks.php
+// NOTE: to make work with samba 2.x schema you must change lm_attribute and nt_attribute
+$backends['smbldap'] = array(
+    'name' => 'Example SMBLDAP server',
+    'preferred' => 'www.example.com',
+    'password policy' => array(
+        'minLength' => 3,
+        'maxLength' => 8
+    ),
+    'driver' => 'smbldap',
+    'params' => array(
+        'host' => 'localhost',
+        'port' => 389,
+        'basedn' => 'o=example.com',
+        'uid' => 'uid',
+        'realm' => '', // this will be appended to the username when
+                       // looking for the userdn.
+        'encryption' => 'crypt',
+        'tls' => false, // make sure the host == cn in the server certificate
+	'mkntpwd_cmd' => '/usr/local/sbin/mkntpwd', //locations of the mkntpwd executable
+	'lm_attribute' => 'sambaLMPassword',
+	'nt_attriubte' => 'sambaNTPasswrod'
+    )
+);
+
 
 $backends['sql'] = array (
     'name' => 'Horde Authentication',


More information about the sork mailing list