I have recently completed a migration from Lotus Notes to SOGo, using
OpenLDAP, Dovecot and MySQL as the backends. Notes was Windows based and
I wanted to take the opportunity to migrate to SAMBA and integrate it to
the LDAP DIT at the same time.
Now the migration is complete, I would like users to be able to change
their passwords. I enabled SOGoPasswordChangeEnabled and tested a
password change via preferences in the SOGo web interface. It would
appear this does an LDAP MODIFY operation on the userPassword attribute.
To keep the SAMBA and Linux passwords in sync, I have found this great
overlay for OpenLDAP:
http://www.opinsys.fi/en/smbkrb5pwd-password-syncing-for-openldap-mit-kerberos-and-samba
However, it relies on the password being changed by an LDAP EXOP
operation. PAM can do this for Linux and SAMBA can be configured to
change both its password attributes and userPassword. So, now I am just
stuck with the SOGo web interface breaking the synchronisation.
Is there a way to get SOGo to issue an EXOP to change the password so
that the overlay can be called in OpenLDAP? Are there any other hooks
into the password change process I could use to execute something like
smbldap-passwd to do the job instead?
Does anyone else synchronise SOGo and SAMBA passwords via their LDAP
directory? If so, how have you achieved this?
Thanks in advance,
--
Ian McMichael
• E-Mail: [email protected]
• Phone: +44-(0)7703-192837
--
[email protected]
https://inverse.ca/sogo/lists
