[KLUG Members] ldap password synchronization project
Adam Tauno Williams
adam at morrison-ind.com
Mon Mar 14 09:07:29 EST 2005
> This sounds interesting. Is this a project someone is looking to start,
> or discussion of a current project or product that does? Novell has
> Identity Manager (formerly DirXML) that does this. It is rather pricey
> though.
> If an app is ldap enabled, why not just authenticate against the
> directory?
Various services require the password in specific forms. smbk5pwd hooks into
LDAP's password modify operation and makes a Kerberos (heimdal), lmhash, and
nthash of the password in addition to the configured userpassword crypt.
These aren't meant for use by applications, which as you said should
authenticate to the directory; but for 'tier 2' services like RADIUS, Samba,
Heimdal, etc...
More information about the Members
mailing list