[KLUG Members] ldap password synchronization project

Adam Tauno Williams adam at morrison-ind.com
Mon Mar 14 09:07:29 EST 2005

Previous message: [KLUG Members] ldap password synchronization project
Next message: [KLUG Members] ldap password synchronization project
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> This sounds interesting. Is this a project someone is looking to start,
> or discussion of a current project or product that does? Novell has
> Identity Manager (formerly DirXML) that does this. It is rather pricey
> though.
> If an app is ldap enabled, why not just authenticate against the
> directory? 

Various services require the password in specific forms.  smbk5pwd hooks into 
LDAP's password modify operation and makes a Kerberos (heimdal), lmhash, and 
nthash of the password in addition to the configured userpassword crypt.

These aren't meant for use by applications, which as you said should 
authenticate to the directory; but for 'tier 2' services like RADIUS, Samba, 
Heimdal, etc...

Previous message: [KLUG Members] ldap password synchronization project
Next message: [KLUG Members] ldap password synchronization project
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Members mailing list