0

I'm planning on setting up centralized authentication for a Samba file server, a VPN, Radius and Postfix using either LDAP or Kerberos. These services are going to be accessed by Windows clients.

As far as I can tell, this is very do-able, but I'm missing one piece of the puzzle. How will non-technical Windows users change their password?

Is there a gui (web-based?) way to give users the ability to change their LDAP or Kerberos password on a Linux server from their Windows laptops?

Pyzo
  • 135
  • 1
  • 1
  • 7

1 Answers1

0

When you have set up everything correctly, they can do this from the Windows password change dialog you can get when pressing Ctrl+Alt+Del.

The key configuration variable in smb.conf is passwd chat, but also take a look at pam password change and ldap passwd sync.

Sven
  • 98,649
  • 14
  • 180
  • 226
  • 1
    Thanks, I assume the clients will need to be part of a Samba domain as opposed to being remaining in a workgroup? – Pyzo Aug 16 '11 at 18:11
  • 1
    @Pyzo Correct, this will only work for domain machines. – 84104 Aug 16 '11 at 18:15
  • 1
    @Pyzo: If you need to have a password change method for non-domain users, you will indeed need another tool. Beside web tools like Usermin, you could use a Windows frontend to kpasswd if you use Kerberos with Samba or write a small tool that changes the SMB and LDAP password when using LDAP (this will require write access to the relevant attributes for your LDAP users). – Sven Aug 16 '11 at 19:56