如何配置 samba 以使用 ladp attr“userPassword”密码,或者配置 ldap 当 attr“userPassword”改变时“sambaNTPassword”也会改变?

如何配置 samba 以使用 ladp attr“userPassword”密码,或者配置 ldap 当 attr“userPassword”改变时“sambaNTPassword”也会改变?

我安装了samba-4.1.12-24.el7_1.x86_64openldap-2.4.39-7.el7.centos.x86_64自助密码为 ladp 用户更改密码。

我注意到自助密码将改变 ldap 属性用户密码的价值。

配置完 smaba 后,我现在可以从我的 Windows PC 登录到\文件服务器\共享帐户在 ldap 中存在成功。

但看起来 samba 会使用sambaNT密码作为用户密码所以,我的问题是: 1. 是否可以使用 ldap attr 配置 samba用户密码2. 如果问题 1 的答案为否,当用户更改 ldap 属性时有什么方法用户密码自助密码, 然后sambaNT密码也会改变吗?

ldap 中的用户信息之一是:

dn: uid=test,ou=people,dc=example,dc=com
objectClass: inetOrgPerson
objectClass: sambaSamAccount
objectClass: posixAccount
ou: people
cn: test
sn: test
uid: test
userPassword: {SHA}fEqNCco3Yq9h5ZUglD3CZJT4lBs=
mail: [email protected]
sambaSID: S-1-5-21-2877438406-135960529-4133751732-1102
sambaNTPassword: 9b33b03590e779419a0a162519590025
sambaPwdLastSet: 1447826752
uidNumber: 1102
homeDirectory: /home/test
sambaPrimaryGroupSID: S-1-5-21-2877438406-135960529-4133751732-5000
gidNumber: 5000

samba配置:

     testparm 
    Load smb config files from /etc/samba/smb.conf
    rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
    Processing section "[homes]"
    Processing section "[printers]"
    Processing section "[shared]"
    Loaded services file OK.
    Server role: ROLE_STANDALONE
    Press enter to see a dump of your service definitions

    [global]
            workgroup = DY-FILESERVER
            netbios name = SMBSERVER
            server string = Samba Server Version %v
            passdb backend = ldapsam:ldap://localhost
            log file = /var/log/samba/log.%m
            max log size = 50
            ldap admin dn = cn=root,dc=example,dc=com
            ldap suffix = dc=example,dc=com
            ldap user suffix = ou=people
            idmap config * : backend = tdb
            cups options = raw

    [homes]
            comment = Home Directories
            read only = No
            browseable = No

    [printers]
            comment = All Printers
            path = /var/spool/samba
            printable = Yes
            print ok = Yes
            browseable = No

    [shared]
            comment = shared dir for ldap users
            path = /opt/ftpdata
            writable = yes
            read only = No

答案1

抱歉,我没有读过完整的文档自助密码,也可以配置为改变

$samba_mode = true;

经过此配置后,自助密码将更改两个属性 userPassword sambaNTpassword

相关内容