Zentyal Forum, Linux Small Business Server
Zentyal Server => Directory and Authentication => Topic started by: Lapin-Blanc on March 20, 2018, 07:39:42 pm
-
Hi !
I'm testing zentyal development edition (5.0.1 amd64) on virtualbox 5.2.8. Configured it as a PDC (DHCP, DNS, PDC)
My goal is to have my active directory users synced with google through GCDS.
I got nearly everything to work. Actually, everything is synced (organizational units, profiles, etc.) except passwords :(
I figured out that GCDS only updates passwords found in ldap attributes, and with certain types (SHA1, MD5, plaintext, ...)
Btw Zentyal seems to manage authentication through Kerberos (correct me if I'm wrong...)
I've made a test adding a userPassword attribute to one of the users through ldap browser, and syncing to google, everything worked fine.
Now I'm trying to find a way to have google passwords synced with my users passwords. As those passwords (or hashes) are not found in LDAP, I thought about using hooks in kerberos and/or slapd to update a userPassword field in ldap when changing it. I came across https://github.com/openldap/openldap/tree/master/contrib/slapd-modules/smbk5pwd (https://github.com/openldap/openldap/tree/master/contrib/slapd-modules/smbk5pwd) wich looked promising.
But my whole zentyal samba got broken when I tried to use it...
So I'm still trying to find a way to synchronize... :o
Any help would be greatly appreciated :D
-
Hi there, was curious if you got anywhere with this?
-
Curious too :)
-
also interested