[KLUG Members] ldap password synchronization project

[Dirk H Bartley]

On Mon, 2005-03-14 at 09:07 -0500, Adam Tauno Williams wrote:
> > This sounds interesting. Is this a project someone is looking to start,
> > or discussion of a current project or product that does? Novell has
> > Identity Manager (formerly DirXML) that does this. It is rather pricey
> > though.
> > If an app is ldap enabled, why not just authenticate against the
> > directory? 
> 
> Various services require the password in specific forms.  smbk5pwd hooks into 
> LDAP's password modify operation and makes a Kerberos (heimdal), lmhash, and 
> nthash of the password in addition to the configured userpassword crypt.
> 
> These aren't meant for use by applications, which as you said should 
> authenticate to the directory; but for 'tier 2' services like RADIUS, Samba, 
> Heimdal, etc...

Where are the docs for setting up??  Are there limitations.  Does this
mean that a set of password hashes can be changed in any way ( like with
the passwd command) and all others will be synchronized??

I think I am still a little unclear of the details.

Did a google search for smbk5pwd and got a email conversation between
Adam and someone else when I was hoping for a project home page with
info on how to install and configure.

Dirk
> _______________________________________________
> Members mailing list
> Members at kalamazoolinux.org
>