[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: hdb-ldap backend and Samba integration
Andrew Bartlett wrote:
> On Wed, 2006-12-13 at 16:39 +0100, Laurent Pinchart wrote:
>> Hi everybody.
>> Disclaimer: I'm new to Heimdal and Kerberos in general. Despite having read
>> lots of documentation (down to the Kerberos RFCs), I might still ask
>> newbie-level questions.
>> I'm trying to setup Heimdal, LDAP and Samba to play together. After a week
>> spent reading various sources of documentation, and installing a Heimdal
>> Kerberos KDC, I think I found the right way to go.
>> I installed OpenLDAP-2.3.29, Heimdal-0.7.2 and Samba. Heimdal is configured
>> with the LDAP backend, which works properly. I'm able to add principals to
>> the realm, things are fine so far.
>> To integrate Heimdal and Samba, I plan to use the smbk5pwd overlay on OpenLDAP
>> which changes all the user credentials (Samba hashes and Kerberos hashes)
>> itself when an password change extended operation is requested. This requires
>> Heimdal principal information and Samba account information to be stored in a
>> single common entry in the LDAP directory.
> Has someone revived that module? I asked for it to be written, then
> never actually used it. Last I heard it has bitrotted. It would be
> great news it if was going again.
Where did you hear that it was rotting? It's always been up to date and
is in active use...
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc
OpenLDAP Core Team http://www.openldap.org/project/