On Mon, 2009-09-28 at 18:37 -0400, Charles Yost wrote:> I'm attempting to setup samba authentication via PAM and more
> specifically the pam_pwdfile module. So far I have had trouble
> determining the right mix of global settings to get this to work. I
> have read through many tutorials online, but so far I have not found
> good documentation on how to achieve this.
Because it doesn't work; at least not without hacking every Windows
client. [Does that even still work anymore? I don't know, it really
is not a reasonable/maintainable thing to do].
You need to either setup an LDAP DSA and use that for authentication and
have Samba use that too (as a DC). Or setup Samba as a NT4 PDC and use
that for authentication. PAM is, practically speaking, a lost cause for
Windows clients - for technical/implementation reasons it can't work
well.
--
OpenGroupware developer: awilliam at whitemice.org
<http://whitemiceconsulting.blogspot.com/>
OpenGroupare & Cyrus IMAPd documenation @
<http://docs.opengroupware.org/Members/whitemice/wmogag/file_view>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
URL:
<http://lists.samba.org/pipermail/samba/attachments/20090929/43da52a7/attachment.pgp>