[debian-edu-commits] r79576 - in branches/wheezy/debian-edu-config: debian etc/samba
sunweaver at alioth.debian.org
sunweaver at alioth.debian.org
Mon Apr 1 13:51:31 UTC 2013
Author: sunweaver
Date: 2013-04-01 13:51:31 +0000 (Mon, 01 Apr 2013)
New Revision: 79576
Modified:
branches/wheezy/debian-edu-config/debian/changelog
branches/wheezy/debian-edu-config/etc/samba/smb-debian-edu.conf
Log:
Fix passwd sync in Samba, point users to using GOsa?\194?\178 for password changes.
(Partially resolves: #656296).
Modified: branches/wheezy/debian-edu-config/debian/changelog
===================================================================
--- branches/wheezy/debian-edu-config/debian/changelog 2013-04-01 13:43:22 UTC (rev 79575)
+++ branches/wheezy/debian-edu-config/debian/changelog 2013-04-01 13:51:31 UTC (rev 79576)
@@ -3,6 +3,8 @@
* Mount /var/lib/udisks rw on diskless workstations. (Closes: #629054,
#629055).
* Use my @debian.org mail address in Uploaders: field.
+ * Fix passwd sync in Samba, point users to using GOsa² for password changes.
+ (Partially resolves: #656296).
-- Mike Gabriel <sunweaver at debian.org> Mon, 01 Apr 2013 15:26:19 +0200
Modified: branches/wheezy/debian-edu-config/etc/samba/smb-debian-edu.conf
===================================================================
--- branches/wheezy/debian-edu-config/etc/samba/smb-debian-edu.conf 2013-04-01 13:43:22 UTC (rev 79575)
+++ branches/wheezy/debian-edu-config/etc/samba/smb-debian-edu.conf 2013-04-01 13:51:31 UTC (rev 79576)
@@ -95,6 +95,18 @@
# PAM setup
obey pam restrictions = no
+# passwd sync
+
+ # sync LDAP password
+ ldap passwd sync = yes
+
+ # sync Kerberos password via kadmin.local
+ unix password sync = yes
+ passwd program = /usr/sbin/kadmin.local -q 'cpw %u'
+ passwd chat = "Authenticating as principal*"\n"Enter password for principal *"%u"*:*" %n\n \n"Re-enter password for principal *"%u"*:*" %n\n \n"Password for *"%u"@* changed."\n
+ # dangerous: if you set the below parameter to yes, Samba will reveal clear text password in Samba log files...
+ passwd chat debug = no
+
# Printer settings
load printers = yes
@@ -182,10 +194,6 @@
read raw = yes
write raw = yes
- # make sure samba password changes reach NT+LM hashes, userPassword and Kerberos
- pam password change = yes
- unix password sync = no
-
# no offline cache of shares
csc policy = disable
More information about the debian-edu-commits
mailing list