[CentOS] Samba authentication against 389 DS

Wed Feb 27 15:27:41 UTC 2013
Craig White <craig.white at ttiltd.com>

On Feb 27, 2013, at 8:22 AM, Todor Petkov wrote:

> Hello,
> 
> I am using Centos 6 with 389 DS. Everything is working, I can 
> authenticate my users against it etc.
> 
> Now I am trying to make Samba authenticate against the LDAP by 
> following http://directory.fedoraproject.org/wiki/Howto:Samba
> 
> However, it seems that Samba does not read the 'password' value, but 
> 'sambaNTPassword'. I wrote in 389-DS mailing list and they said, that 
> there is no way to make Samba read the 'password'. So I must end with 
> two password (Samba and "normal" one). I can not sync them, since crypt 
> algorithms are different and I can not just copy/paste the password to 
> sambaNTPassword.
> 
> Did someone else had this issue? I need some file sharing software (can 
> be even a web application), which can authenticate against LDAP, so all 
> the people have one password for authentication.

----
a lot of different ways to handle this - it all depends upon which language/tools you use.

I have used Webmin LDAP Users & Groups module which can set the sambaNTPassword and userPassword to the same value after encryption.

I have also written a framework application in ruby on rails for my current employer which does this and much much more.

There is also a smbldap-tools perl toolkit which can integrate with samba and can do the same thing.

Craig