Quantcast

Samba4 password hook

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Samba4 password hook

Samba - General mailing list
Hi,

Sorry if this question has already been raised.

I would like if there is a tool/hook enabling to catch a Samba4 AD
password change. The password change would be synchronized to an
OpenLDAP userPassword attribute.

Thanks for your answer

Simon

--
Message envoyé grâce à OBM <http://obm.org>, la Communication Libre par
Linagora <http://www.linagora.com/>

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Samba4 password hook

Samba - General mailing list
On Thu, 2017-04-27 at 19:15 +0200, Simon ELBAZ via samba wrote:
> Hi,
>
> Sorry if this question has already been raised.
>
> I would like if there is a tool/hook enabling to catch a Samba4 AD 
> password change. The password change would be synchronized to an 
> OpenLDAP userPassword attribute.
>
> Thanks for your answer

See the new support added in Samba 4.5 to store an extra copy of the
plaintext password GPG encrypted.  Details are in the WHATSNEW.

There is (we just need to agree some final details) on an additional
patch set for 4.7 that will also store just the hashed password.

Thanks,

Andrew Bartlett

--
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Samba4 password hook

Samba - General mailing list
Hi Andrew,

I try to understand the point of storing the hashed password. Is there
any documentation I could read to help ?

Thanks

Simon Elbaz


Le 27/04/2017 à 21:07, Andrew Bartlett a écrit :

> On Thu, 2017-04-27 at 19:15 +0200, Simon ELBAZ via samba wrote:
>> Hi,
>>
>> Sorry if this question has already been raised.
>>
>> I would like if there is a tool/hook enabling to catch a Samba4 AD
>> password change. The password change would be synchronized to an
>> OpenLDAP userPassword attribute.
>>
>> Thanks for your answer
> See the new support added in Samba 4.5 to store an extra copy of the
> plaintext password GPG encrypted.  Details are in the WHATSNEW.
>
> There is (we just need to agree some final details) on an additional
> patch set for 4.7 that will also store just the hashed password.
>
> Thanks,
>
> Andrew Bartlett
>

--
Simon Elbaz
@Linagora
Mob: +33 (0) 6 38 99 18 34
Tour Franklin 31ème étage
100/101 Quartier Boieldieu
92042 La Défense
FRANCE

--
Message envoyé grâce à OBM <http://obm.org>, la Communication Libre par
Linagora <http://www.linagora.com/>
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Samba4 password hook

Samba - General mailing list
After reading the OpenLDAP documentation, I understand the point of
storing the duplicate hashed password. This way, it may be directly used
to store it into the userPassword attribute in OpenLDAP.

Is there a way I can help getting the patch ready ?

Thanks

Simon Elbaz


Le 11/05/2017 à 18:24, Simon ELBAZ a écrit :

>
> Hi Andrew,
>
> I try to understand the point of storing the hashed password. Is there
> any documentation I could read to help ?
>
> Thanks
>
> Simon Elbaz
>
>
> Le 27/04/2017 à 21:07, Andrew Bartlett a écrit :
>> On Thu, 2017-04-27 at 19:15 +0200, Simon ELBAZ via samba wrote:
>>> Hi,
>>>
>>> Sorry if this question has already been raised.
>>>
>>> I would like if there is a tool/hook enabling to catch a Samba4 AD
>>> password change. The password change would be synchronized to an
>>> OpenLDAP userPassword attribute.
>>>
>>> Thanks for your answer
>> See the new support added in Samba 4.5 to store an extra copy of the
>> plaintext password GPG encrypted.  Details are in the WHATSNEW.
>>
>> There is (we just need to agree some final details) on an additional
>> patch set for 4.7 that will also store just the hashed password.
>>
>> Thanks,
>>
>> Andrew Bartlett
>>
>
> --
> Simon Elbaz
> @Linagora
> Mob: +33 (0) 6 38 99 18 34
> Tour Franklin 31ème étage
> 100/101 Quartier Boieldieu
> 92042 La Défense
> FRANCE
> --
> Message envoyé grâce à OBM <http://obm.org>, la Communication Libre
> par Linagora <http://www.linagora.com/>

--
Simon Elbaz
@Linagora
Mob: +33 (0) 6 38 99 18 34
Tour Franklin 31ème étage
100/101 Quartier Boieldieu
92042 La Défense
FRANCE

--
Message envoyé grâce à OBM <http://obm.org>, la Communication Libre par
Linagora <http://www.linagora.com/>
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Loading...