I'll try that, and I appreciate it. However, as far as I can tell, Samba itself is working as well as I can expect.
However, I'm baffled by PAM and getting that working right. (I know it's not exactly a Samba question, but I thought certainly someone here would have experience with this and give me a pointer in what I must be doing wrong.) One final note: OpenLDAP is at 2.2.13 Thanks again for your help! -Greg > If you enable the kde-redhat repo (kde-redhat.sourceforge.net), Rex's > repo has current samba and all you need to do is > yum upgrade > and it works perfectly. An added benefit is more recent KDE (if you use > kde) and more recent openoffice.org > Craig > On Thu, 2006-06-08 at 08:52 -0700, [EMAIL PROTECTED] wrote: >> I used the Sernet.de RPM's - they're compiled for RHEL 4, and only >> with minor errors they installed fine. >> >> -Greg >> >> > As a side note, I am running centos 4.3 on my boxes, and I think it comes >> > with samba 3.0.10. Where did you get your RPM for 3.0.22, or did you >> > compile it from source? >> >> > Sam Adams >> > General Dynamics - Network Systems >> > Phone: 210.536.5945 >> >> > -----Original Message----- >> > From: [EMAIL PROTECTED] >> > [mailto:[EMAIL PROTECTED] On >> > Behalf Of [EMAIL PROTECTED] >> > Sent: Wednesday, June 07, 2006 4:48 PM >> > To: samba >> > Subject: [Samba] NSS/PAM LDAP Config >> >> > Ok, I've been literally throwing things in my effort to fix this. >> > Please help me from damaging something valueable! :) >> >> > I've installed Samba 3.0.22 and OpenLDAP etc. >> >> > I've used the IDEALX scripts to create the LDAP tree etc. >> > Everything goes swimmingly until I try to check and see if NSS/PAM is >> > working right. >> >> > I use the following command as shown in SBE to check NSS/PAM working. >> > getent passwd | grep root >> > getent group | grep Domain >> >> > These aren't working as they should. >> >> > I'm using CentOS 4.3 and I've used authconfig as the IDEALX scripts >> > say, and thus I have the following system-auth config in /etc/pam.d/ >> >> > --- >> > #%PAM-1.0 >> > # This file is auto-generated. >> > # User changes will be destroyed the next time authconfig is run. >> > auth required /lib/security/$ISA/pam_env.so >> > auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok >> > auth sufficient /lib/security/$ISA/pam_ldap.so use_first_pass >> > auth required /lib/security/$ISA/pam_deny.so >> >> > account required /lib/security/$ISA/pam_unix.so broken_shadow >> > account sufficient /lib/security/$ISA/pam_localuser.so >> > account sufficient /lib/security/$ISA/pam_succeed_if.so uid < 100 >> > quiet >> > account [default=bad success=ok user_unknown=ignore] >> > /lib/security/$ISA/pam_ldap.so >> > account required /lib/security/$ISA/pam_permit.so >> >> > password requisite /lib/security/$ISA/pam_cracklib.so retry=3 >> > password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok >> > md5 shadow >> > password sufficient /lib/security/$ISA/pam_ldap.so use_authtok >> > password required /lib/security/$ISA/pam_deny.so >> >> > session required /lib/security/$ISA/pam_limits.so >> > session required /lib/security/$ISA/pam_unix.so >> > session optional /lib/security/$ISA/pam_ldap.so >> > --- >> >> > But that doesn't seem to work. >> >> > PAM is a total mystery to me, and I have absolutely no idea how to >> > really configure it by hand, provided the above isn't correct. >> >> > Is there a good how-to on PAM somewhere I can read? >> > I've done a number of searches, and some of those, as well as the SBE >> > example show hand-editing the files in pam.d - like login, sshd, >> > samba, and passwd. >> >> > In desperation, I've done that too, and no joy. >> >> > Can some kind soul please give me a hand here? >> >> > TIA >> > -Greg -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba