On Wed, 2006-08-23 at 11:30 -0400, Karen R McArthur wrote: > RedHat enterprise v4 > openldap 2.2.13-4 > cyrus-sasl 2.1.19-5.EL4 > samba 3.0.10-1.4E.9 > krb-libs 1.3.4-27 > > server1: openldap and kerberos server > server2: samba server > > We have openldap working as posix source for all of our *nix logins - > with passwords stored in kerberos accessed via sasl. > We have an exiting samba server running on redhat for macintosh/windows > user access to network storage. Our passwords are stored in smbpasswd. > Access works fine in this configuration. > We would like to centralize this authentication and have samba read it's > passwords from ldap/kerberos.
> I assume the errors are because I do not have sambaLMPassword or > sambaNTPassword stored in my ldap database. I do not want to do this. > How do I set up samba to read all access from pam (as in the smbclient) > and not require storage of passwords in ldap? The only way not to duplicate the password info is to have the KDC use the Samba passwords. It is *not possible* to use encrypted passwords (which these clients expect) and PAM. Heimdal can read the Samba password database, and I have operated a site on this basis. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Red Hat Inc. http://redhat.com
signature.asc
Description: This is a digitally signed message part
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba