Hello samba experts, I want to configure samba with mysql as backend. I searched on google and i found some info about this subject but it seems to be not really what i nedd. I said this because i found few howtos about how to configure samba to read password from mysql database to authenticate users. Is good but not enough. I don't want shell users with different password for samba!!! I want ONLY VIRTUAL USERS (no one shell account) and al of them MUST resides in mysql database with all attributes (home directory, UID, GID, password, domain, etc)..... Google said that my problem is not well documented and in the past was some tryes about this subject. I found also some info about samba and pam_mysql plugin. I've configured few weeks ago this plugin to authenticate users for postfix smtp, and everithing was ok. Actually, i want to do the same work with samba, but i don't know if samba-2.2.7 support it. Can anybody point me to the right way? Some success stories about this subject will be appreciated. Thanks in advance, Alex Pita
Jacob Anawalt
2002-Dec-10 21:34 UTC
[Samba] Re: Samba with Mysql as backend and VIRTUAL users.
Alex, It sounds like you are trying to do w/ the mysql database what some organizations have done with NIS/YP or are doing with LDAP or MS Directory Services. If you are using a system that includes PAM, you can reconfigure your system to look to sources other than the password file for username lookups. I looked into this, toying with the idea of using LDAP to sync all my server accounts and samba logins. There were modules to do this, but it seemed a bit daunting for the few user accounts I was worried about. Perhaps it wont be much longer before this process becomes more polished and the documentation is refined. Anyway, I've seen smb.config files that talk about syncing unix and samba username/passwords. I've also read about the difference between unix passwords and windows passwords and why in the LDAP structure there is a space for the unix password and for the samba password, but I dont remember the details now. So, my suggestion is to look into samba with LDAP (lightweight directory access protocol) and PAM (pluggable authentication module), or at least samba with PAM and authenticating to a mysql db (google had a few hits w/ samba pam mysql). You may also want to look into stunnel or some ssh setup so the mysql transactions for password lookups aren't in the clear. The LDAP client is able to be configured to verify against SSL certificates to know that the LDAP server is valid. "Alex Pita" <newmail@softhome.net> wrote in message news:3DF61A7F.6090304@softhome.net...> Hello samba experts, > > I want to configure samba with mysql as backend. I searched on google > and i found some info about this subject but it seems to be not really > what i nedd. I said this because i found few howtos about how to > configure samba to read password from mysql database to authenticate > users. Is good but not enough. I don't want shell users with different > password for samba!!! I want ONLY VIRTUAL USERS (no one shell account) > and al of them MUST resides in mysql database with all attributes (home > directory, UID, GID, password, domain, etc)..... > > Google said that my problem is not well documented and in the past was > some tryes about this subject. I found also some info about samba and > pam_mysql plugin. I've configured few weeks ago this plugin to > authenticate users for postfix smtp, and everithing was ok. Actually, i > want to do the same work with samba, but i don't know if samba-2.2.7 > support it. > > Can anybody point me to the right way? Some success stories about this > subject will be appreciated. > > Thanks in advance, > > Alex Pita > > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba >