I'm trying to set up password sync for samba as users can't change their passwords using ctr + alt + del. In the end I was able to get this to work using ldap password sync = Yes In the /etc/samba/smb.ldap.conf
However this seems to reset back to No after a server reboot which is obviously a problem as I would like staff to be able to reset their passwords using this.
What I would like to know is:
1) Is it safe to delete this from smb.ldap.conf and put it into smb.conf without any issues what so ever?
2) Why is this resetting and if I can't do 1) How to I configure my clearos to allow users to change their passwords using ctrl + alt + del?
However this seems to reset back to No after a server reboot which is obviously a problem as I would like staff to be able to reset their passwords using this.
What I would like to know is:
1) Is it safe to delete this from smb.ldap.conf and put it into smb.conf without any issues what so ever?
2) Why is this resetting and if I can't do 1) How to I configure my clearos to allow users to change their passwords using ctrl + alt + del?
Share this post:
Responses (4)
-
Accepted Answer
-
Accepted Answer
If I were a guessing man I'd say that smb.ldap.conf is a ClearOS file rather than a file native to any samba installations and that ClearOS have a bit of magic to automatically maintain this file so your changes get overwritten. They do very little automatic overwriting of smb.conf, mainly flipping a few parameters you see on the Windows Networking screen and they also maintain the "interfaces" line stopping you putting in a WAN interface.
Just try putting the line in smb.conf and see if it works. If it works but keeps getting reset then you can try adding it to a new file and add an "include" line to smb.conf to point to it. I use this method to manually define my shares (I don't use flexshares) and I've never seen my file or the "include" line get overwritten. -
Accepted Answer
hmm. I think I'd like to retract my last reply. I did not realise you were flipping a pre-existing parameter. In this case, if you remove it from smb.ldap.conf, it is likely that ClearOS will recreate it. Also, if it is set to No there, there is probably a good reason. You'll need to devs to post.
You could try to experiment, setting "ldap password sync" above or below the "include = /etc/samba/smb.ldap.conf" line in smb.conf and see which takes precedence or even if samba allows it to be set twice. -
Accepted Answer
Nick Howitt wrote:
hmm. I think I'd like to retract my last reply. I did not realise you were flipping a pre-existing parameter. In this case, if you remove it from smb.ldap.conf, it is likely that ClearOS will recreate it. Also, if it is set to No there, there is probably a good reason. You'll need to devs to post.
You could try to experiment, setting "ldap password sync" above or below the "include = /etc/samba/smb.ldap.conf" line in smb.conf and see which takes precedence or even if samba allows it to be set twice.
Nick, thanks I'll try this on a test server first before trying to change it on a live environment don't want to break anything. It seems weird that the devs would stop this from working by default, I have done some researching regarding this some people say it's slow to change passwords when using it but when I've enabled it, seemed pretty quick to me.
Please login to post a reply
You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here.
Register Here »