alan.cl.wong@nokia.com
2005-Apr-04 10:21 UTC
[Samba] ADS and local user account authentication
Hi, I have a problem which I've been searching the Internet for a day and still can't resolve. Basically we have our Samba server joined to our ADS but we have a need to have local user accounts on the Samba server authenticated also because we cannot have them in the ADS. All required workstations have these accounts as local accounts not domain accounts. The question is how can I do this? I tried to modify the pam.d/login and pam.d/samba and also playing with the users.map file. Yes the smbpasswd file contains the correct information. Pam.d/login and pam.d/samba looks like this (just about): auth required pam_nologin.so auth sufficient pam_smbpass.so nodelay auth sufficient pam_stack.so service=system-auth account required pam_stack.so service=system-auth session required pam_stack.so service=system-auth password required pam_stack.so service=system-auth The only thing that seems to work is when prompt for the password to give "<sambaservername>\<thelocaluser>" I tried to play with the users.map file to give something like: Samba\user = user But Samba then takes it as [domain]\Samba\user@system Anyone have any ideas how I can get the local accounts in Samba authentication to work? Thanks in advance!!! Cheers, -Alan