Re: [Samba] samba authentication via pam_pwdfile
On Mon, 2009-09-28 at 18:37 -0400, Charles Yost wrote: I'm attempting to setup samba authentication via PAM and more specifically the pam_pwdfile module. So far I have had trouble determining the right mix of global settings to get this to work. I have read through many tutorials online, but so far I have not found good documentation on how to achieve this. Because it doesn't work; at least not without hacking every Windows client. [Does that even still work anymore? I don't know, it really is not a reasonable/maintainable thing to do]. You need to either setup an LDAP DSA and use that for authentication and have Samba use that too (as a DC). Or setup Samba as a NT4 PDC and use that for authentication. PAM is, practically speaking, a lost cause for Windows clients - for technical/implementation reasons it can't work well. -- OpenGroupware developer: awill...@whitemice.org http://whitemiceconsulting.blogspot.com/ OpenGroupare Cyrus IMAPd documenation @ http://docs.opengroupware.org/Members/whitemice/wmogag/file_view signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba authentication via pam_pwdfile
On Sep 29, 2009, at 6:47 AM, Adam Tauno Williams wrote: Because it doesn't work; at least not without hacking every Windows client. [Does that even still work anymore? I don't know, it really is not a reasonable/maintainable thing to do]. You need to either setup an LDAP DSA and use that for authentication and have Samba use that too (as a DC). Or setup Samba as a NT4 PDC and use that for authentication. PAM is, practically speaking, a lost cause for Windows clients - for technical/implementation reasons it can't work well. I apologize, I suppose I left some details out. I am not trying to setup a domain, or even share printers. All that I am looking to accomplish with my samba implementation is sharing a couple of directories on the server to a few independent windows machines. I don't need users to authenticate across a domain, just to be able to have access to the shares based on username restrictions. I can get this working just fine using the smbpasswd file, but I am trying to unify the passwords used for several services. I am sure it can be done because there is a whole chapter in the samba documentation on using PAM with winbind on a samba machine when you need to authenticate to an existing domain. =Charles -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba authentication via pam_pwdfile
I'm attempting to setup samba authentication via PAM and more specifically the pam_pwdfile module. So far I have had trouble determining the right mix of global settings to get this to work. I have read through many tutorials online, but so far I have not found good documentation on how to achieve this. What I am really attempting to do is unify the credentials for access to the server though ftp, apache, and samba. I _do not_ want to link the linux shell credentials to this for various reasons including security. Any helpful suggestions would be appreciated. =Charles -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
