How to synchronize OpenLDAP and Samba4?

campos

8/9/24, 6:18 PM

I have a samba 4 domain with internal LDAP. Now the need arose to copy OpenLDAP users and passwords to this domain. This copy must be made synchronously every time there is a change in OpenLDAP. Reading some links, I understood that copying the password is difficult due to incompatibilities.

Looking on the internet I saw that there is a service called SSSD. Can it be used by Samba 4 to read OpenLDAP users effectively? If not, is there another alternative? Can you point me to materials?

Links:

Migrating LDAP user and password to SAMBA4 AD

0 + 5

openldap

samba4

sssd

kab00m

8/9/24, 9:43 PM

Both OpenLDAP and samba LDAP support same protocol. You can make a script accessing both and do the job. This may work if you have both userPassword and sambaNTPassword in your OpenLDAP directory.

campos

8/10/24, 4:22 PM

@kab00m So I don't know how to do this translation between types of passwords.

kab00m

8/10/24, 7:20 PM

It depends, but in common case you don't have to. Both directories have them stored in same way.

campos

8/10/24, 7:41 PM

@kab00m There seems to be a mismatch between password encryptions. So I can't import password from OpenLDAP to Samba4.

kab00m

8/10/24, 9:42 PM

You need to be more specific about whole task and problems you experience.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: How to synchronize OpenLDAP and Samba4?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.