Forums

Resolved
0 votes
I'm trying to set up password sync for samba as users can't change their passwords using ctr + alt + del. In the end I was able to get this to work using ldap password sync = Yes In the /etc/samba/smb.ldap.conf

However this seems to reset back to No after a server reboot which is obviously a problem as I would like staff to be able to reset their passwords using this.

What I would like to know is:
1) Is it safe to delete this from smb.ldap.conf and put it into smb.conf without any issues what so ever?
2) Why is this resetting and if I can't do 1) How to I configure my clearos to allow users to change their passwords using ctrl + alt + del?
Friday, August 07 2015, 11:39 AM
Share this post:
Responses (4)
  • Accepted Answer

    Tuesday, August 18 2015, 08:32 PM - #Permalink
    Resolved
    0 votes
    Nick Howitt wrote:

    hmm. I think I'd like to retract my last reply. I did not realise you were flipping a pre-existing parameter. In this case, if you remove it from smb.ldap.conf, it is likely that ClearOS will recreate it. Also, if it is set to No there, there is probably a good reason. You'll need to devs to post.

    You could try to experiment, setting "ldap password sync" above or below the "include = /etc/samba/smb.ldap.conf" line in smb.conf and see which takes precedence or even if samba allows it to be set twice.


    Nick, thanks I'll try this on a test server first before trying to change it on a live environment don't want to break anything. It seems weird that the devs would stop this from working by default, I have done some researching regarding this some people say it's slow to change passwords when using it but when I've enabled it, seemed pretty quick to me.
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, August 18 2015, 08:27 PM - #Permalink
    Resolved
    0 votes
    hmm. I think I'd like to retract my last reply. I did not realise you were flipping a pre-existing parameter. In this case, if you remove it from smb.ldap.conf, it is likely that ClearOS will recreate it. Also, if it is set to No there, there is probably a good reason. You'll need to devs to post.

    You could try to experiment, setting "ldap password sync" above or below the "include = /etc/samba/smb.ldap.conf" line in smb.conf and see which takes precedence or even if samba allows it to be set twice.
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, August 18 2015, 11:28 AM - #Permalink
    Resolved
    0 votes
    If I were a guessing man I'd say that smb.ldap.conf is a ClearOS file rather than a file native to any samba installations and that ClearOS have a bit of magic to automatically maintain this file so your changes get overwritten. They do very little automatic overwriting of smb.conf, mainly flipping a few parameters you see on the Windows Networking screen and they also maintain the "interfaces" line stopping you putting in a WAN interface.

    Just try putting the line in smb.conf and see if it works. If it works but keeps getting reset then you can try adding it to a new file and add an "include" line to smb.conf to point to it. I use this method to manually define my shares (I don't use flexshares) and I've never seen my file or the "include" line get overwritten.
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, August 18 2015, 10:49 AM - #Permalink
    Resolved
    0 votes
    *bump*
    Changed the group as it may be in the wrong place, would really like advice with this as I would of expected this to be a core feature in clearos for domain joining and to not be available seems weird.
    The reply is currently minimized Show
Your Reply