Ganael LAPLANCHE
2003-Aug-04 08:25 UTC
Réf. : Re: R?f. : [Samba] system users and smbpasswd users
Hi :) As I'd say in French "de rien !" (you're welcome :)) Yes, you can use PAM to redirect the system authentication calls to your LDAP directory, but in reality samba will continue to use two types of accounts : the "posixAccount"s (same as /etc/passwd) and the "sambaSamAccount"s. Everything will be stored in you LDAP directory, but Samba still needs two types of accounts : one for the system, one for Samba (even if the accounts will be merged in only one entry). If you plan to use PAM, don't forget to use nsswitch (libnss-ldap), which allows your system to catch name services calls (e.g. to identify the available accounts when you use "getent passwd") and to redirect them to a dedicated backend (e.g. /etc/passwd). Pam is for only authentication, while nsswitch is for name service "translation". You should use both libpam-ldap and libnss-ldap if you want your System being able to identify AND authenticate LDAP-only users. I don't have much more infos about "_nua" accounts, I think they've been removed, or maybe they were just planned... I really don't know... Good luck ! Gana?l. payal-samba@staticky.com on 07/31/2003 04:02:46 PM Pour : ganael.laplanche@edfgdf.fr cc : Objet : Re: R?f. : [Samba] system users and smbpasswd users Hi, Thanks for the mail. On Wed, Jul 30, 2003 at 10:58:35AM +0200, Ganael LAPLANCHE wrote:> Samba needs two accounts : a system account AND a samba account. Thereason> for this is > you can't store every piece of information samba needs in the /etc/passwd > file (e.g. Samba Home dir).oh! some people say that I can use PAM for this. Do you have any ideas on this?> You may have heard about _nua (No Unix Accounts) backends, a way ofstoring> users in samba-onlyNo never heard of this. Can you give some more info. As you say in French, Merci beaucoup :) With warm regards, -Payal -- "Visit GNU/Linux Success Stories" http://payal.staticky.com Guest-Book Section Updated.
Ganael LAPLANCHE
2003-Aug-04 08:55 UTC
Réf. : Re: R?f. : [Samba] system users and smbpasswd users
Hi again, A useful link : see http://www.padl.com for more infos on libnss-ldap and libpam-ldap... Hope this helps, Regards, Gana?l. payal-samba@staticky.com on 07/31/2003 04:02:46 PM Pour : ganael.laplanche@edfgdf.fr cc : Objet : Re: R?f. : [Samba] system users and smbpasswd users Hi, Thanks for the mail. On Wed, Jul 30, 2003 at 10:58:35AM +0200, Ganael LAPLANCHE wrote:> Samba needs two accounts : a system account AND a samba account. Thereason> for this is > you can't store every piece of information samba needs in the /etc/passwd > file (e.g. Samba Home dir).oh! some people say that I can use PAM for this. Do you have any ideas on this?> You may have heard about _nua (No Unix Accounts) backends, a way ofstoring> users in samba-onlyNo never heard of this. Can you give some more info. As you say in French, Merci beaucoup :) With warm regards, -Payal -- "Visit GNU/Linux Success Stories" http://payal.staticky.com Guest-Book Section Updated.