[debian-edu-commits] r79569 - in trunk/src/debian-edu-config: debian etc/samba
mike-gabriel-guest at alioth.debian.org
mike-gabriel-guest at alioth.debian.org
Mon Apr 1 12:53:32 UTC 2013
Author: mike-gabriel-guest
Date: 2013-04-01 12:53:32 +0000 (Mon, 01 Apr 2013)
New Revision: 79569
Modified:
trunk/src/debian-edu-config/debian/changelog
trunk/src/debian-edu-config/etc/samba/smb-debian-edu.conf
Log:
Fix passwd sync in Samba, point users to using GOsa?\194?\178 for password changes.
(Partially resolves: #656296).
Modified: trunk/src/debian-edu-config/debian/changelog
===================================================================
--- trunk/src/debian-edu-config/debian/changelog 2013-04-01 10:42:35 UTC (rev 79568)
+++ trunk/src/debian-edu-config/debian/changelog 2013-04-01 12:53:32 UTC (rev 79569)
@@ -1,3 +1,10 @@
+debian-edu-config (1.456) UNRELEASED; urgency=low
+
+ * Fix passwd sync in Samba, point users to using GOsa² for password changes.
+ (Partially resolves: #656296).
+
+ -- Mike Gabriel <mike.gabriel at das-netzwerkteam.de> Mon, 01 Apr 2013 14:52:07 +0200
+
debian-edu-config (1.455) squeeze; urgency=low
[ Wolfgang Schweer ]
Modified: trunk/src/debian-edu-config/etc/samba/smb-debian-edu.conf
===================================================================
--- trunk/src/debian-edu-config/etc/samba/smb-debian-edu.conf 2013-04-01 10:42:35 UTC (rev 79568)
+++ trunk/src/debian-edu-config/etc/samba/smb-debian-edu.conf 2013-04-01 12:53:32 UTC (rev 79569)
@@ -95,6 +95,18 @@
# PAM setup
obey pam restrictions = no
+# passwd sync
+
+ # sync LDAP password
+ ldap passwd sync = yes
+
+ # sync Kerberos password via kadmin.local
+ unix password sync = yes
+ passwd program = /usr/sbin/kadmin.local -q 'cpw %u'
+ passwd chat = "Authenticating as principal*"\n"Enter password for principal *"%u"*:*" %n\n \n"Re-enter password for principal *"%u"*:*" %n\n \n"Password for *"%u"@* changed."\n
+ # dangerous: reveals clear text password in Samba log files...
+ passwd chat debug = no
+
# Printer settings
load printers = yes
@@ -182,10 +194,6 @@
read raw = yes
write raw = yes
- # make sure samba password changes reach NT+LM hashes, userPassword and Kerberos
- pam password change = yes
- unix password sync = no
-
# no offline cache of shares
csc policy = disable
More information about the debian-edu-commits
mailing list