slapd-smbk5pwd - Keeps Samba and Kerberos passwords in sync within slapd

Property Value
Distribution Ubuntu 18.04 LTS (Bionic Beaver)
Repository Ubuntu Updates Universe amd64
Package filename slapd-smbk5pwd_2.4.45+dfsg-1ubuntu1.4_amd64.deb
Package name slapd-smbk5pwd
Package version 2.4.45+dfsg
Package release 1ubuntu1.4
Package architecture amd64
Package type deb
Category universe/net
License -
Maintainer Ubuntu Developers <>
Download size 18.31 KB
Installed size 126.00 KB
Extends the PasswordModify Extended Operation to update Kerberos keys
and Samba password hashes for an LDAP user. The Kerberos support is
written for Heimdal using its hdb-ldap backend. The Samba support is
written using the Samba 3.0 LDAP schema.


Package Version Architecture Repository
slapd-smbk5pwd_2.4.45+dfsg-1ubuntu1.4_i386.deb 2.4.45+dfsg i386 Ubuntu Updates Universe
slapd-smbk5pwd_2.4.45+dfsg-1ubuntu1_i386.deb 2.4.45+dfsg i386 Ubuntu Universe
slapd-smbk5pwd_2.4.45+dfsg-1ubuntu1_amd64.deb 2.4.45+dfsg amd64 Ubuntu Universe
slapd-smbk5pwd - - -


Name Value
libc6 >= 2.4
libkadm5srv8-heimdal >= 1.4.0+git20110226
libldap-2.4-2 >= 2.4.7
libnettle6 -
slapd = 2.4.45+dfsg-1ubuntu1.4


Type URL
Binary Package slapd-smbk5pwd_2.4.45+dfsg-1ubuntu1.4_amd64.deb
Source Package openldap

Install Howto

  1. Update the package index:
    # sudo apt-get update
  2. Install slapd-smbk5pwd deb package:
    # sudo apt-get install slapd-smbk5pwd




2019-08-08 - Lucas Kanashiro <>
openldap (2.4.45+dfsg-1ubuntu1.4) bionic; urgency=medium
* d/p/rwm-do-not-free-original-filter.patch: Fix slapd segfault (LP: #1838370)
2019-07-26 - Marc Deslauriers <>
openldap (2.4.45+dfsg-1ubuntu1.3) bionic-security; urgency=medium
* SECURITY UPDATE: rootDN proxyauthz not restricted to its own databases
- debian/patches/CVE-2019-13057-1.patch: add restriction to
- debian/patches/CVE-2019-13057-2.patch: add tests to
tests/data/idassert.out, tests/data/slapd-idassert.conf,
tests/data/test-idassert1.ldif, tests/scripts/test028-idassert.
- debian/patches/CVE-2019-13057-3.patch: fix typo in
- debian/patches/CVE-2019-13057-4.patch: fix typo in
- CVE-2019-13057
* SECURITY UPDATE: SASL SSF not initialized per connection
- debian/patches/CVE-2019-13565.patch: zero out sasl_ssf in
connection_init in servers/slapd/connection.c.
- CVE-2019-13565
2019-04-10 - Heitor Alves de Siqueira <>
openldap (2.4.45+dfsg-1ubuntu1.2) bionic; urgency=medium
* Fix sysv-generator unit file by customizing parameters (LP: #1821343)
- d/slapd-remain-after-exit.conf: Override RemainAfterExit to allow
correct systemctl status for slapd daemon.
- d/slapd.install: place override file in correct location.
2018-10-23 - Andreas Hasenack <>
openldap (2.4.45+dfsg-1ubuntu1.1) bionic; urgency=medium
* d/apparmor-profile: update apparmor profile to allow reading of
files needed when slapd is behaving as a kerberos/gssapi client
and acquiring its own ticket. (LP: #1783183)
2017-07-28 - Gianfranco Costamagna <>
openldap (2.4.45+dfsg-1ubuntu1) artful; urgency=low
* Merge from Debian unstable.  Remaining changes:
- Enable AppArmor support:
- d/apparmor-profile: add AppArmor profile
- d/rules: use dh_apparmor
- d/control: Build-Depends on dh-apparmor
- d/slapd.README.Debian: add note about AppArmor
- Enable GSSAPI support:
- d/patches/gssapi.diff, thanks to Jerry Carter (Likewise):
- Add --with-gssapi support
- Make guess_service_principal() more robust when determining
- d/configure.options: Configure with --with-gssapi
- d/control: Added heimdal-dev as a build depend
- d/rules:
- Explicitly add -I/usr/include/heimdal to CFLAGS.
- Explicitly add -I/usr/lib/<multiarch>/heimdal to LDFLAGS.
- Enable ufw support:
- d/control: suggest ufw.
- d/rules: install ufw profile.
- d/slapd.ufw.profile: add ufw profile.
- Enable nss overlay:
- d/{patches/nssov-build,rules}: Apply, build and package the
nss overlay.
- d/{rules,}: Add apport hook.
- d/slapd.init.ldif: don't set olcRootDN since it's not defined in
either the default DIT nor via an Authn mapping.
- d/slapd.scripts-common:
- add slapcat_opts to local variables.
- Fix backup directory naming for multiple reconfiguration.
- d/{slapd.default,slapd.README.Debian}: use the new configuration style.
- d/rules: Enable -DLDAP_CONNECTIONLESS to build CLDAP (UDP) support
in the openldap library, as required by Likewise-Open
- Show distribution in version:
- d/control: added lsb-release
- d/patches/fix-ldap-distribution.patch: show distribution in version
- d/libldap-2.4-2.symbols: Add symbols not present in Debian.
- CLDAP (UDP) was added in 2.4.17-1ubuntu2
- GSSAPI support was enabled in 2.4.18-0ubuntu2

See Also

Package Description
snap-confine_2.42.1+18.04_amd64.deb Transitional package for snapd
snapcraft-examples_2.43.1+18.04_all.deb examples and demos for snapcraft
snapcraft-parser_2.43.1+18.04_all.deb cloud parser for shared snapcraft parts
snapcraft_2.43.1+18.04_all.deb easily craft snaps
snapd-glib-tests_1.49-0ubuntu0.18.04.1_amd64.deb GLib snapd library (installed tests)
snapd-xdg-open_2.42.1+18.04_amd64.deb Transitional package for snapd-xdg-open
sndfile-programs_1.0.28-4ubuntu0.18.04.1_amd64.deb Sample programs that use libsndfile
snmptrapd_5.7.3+dfsg-1.8ubuntu3.3_amd64.deb Net-SNMP notification receiver
sntp_4.2.8p10+dfsg-5ubuntu7.1_amd64.deb Network Time Protocol - sntp client
software-properties-kde_0. manage the repositories that you install software from (qt)
solr-common_3.6.2+dfsg-18~18.04_all.deb Enterprise search server based on Lucene3 - common files
solr-jetty_3.6.2+dfsg-18~18.04_all.deb Enterprise search server based on Lucene3 - Jetty integration
solr-tomcat_3.6.2+dfsg-18~18.04_all.deb Enterprise search server based on Lucene3 - Tomcat integration
sox_14.4.2-3ubuntu0.18.04.1_amd64.deb Swiss army knife of sound processing
spice-html5_0.1.7-2ubuntu1_all.deb Spice Web client which runs entirely within a modern browser