[Samba] pam_smbpass
Bradley W. Langhorst
brad at langhorst.com
Tue Aug 20 20:08:00 GMT 2002
Okay - I've got samba working as a PDC with and ldap backend.
I want to have some users not be in ldap (like the built in stuff like
cyrus, mail, lp etc)
I can get that to work with the pam_ldap and pam_unix but pam_smbpass
doesn't seem to return user_unknown as i expect for users who are not in
the ldap database
does this make sense?
--- pam_smb_passwd.c 12 Feb 2002 15:56:19 -0000 1.1.2.8
+++ pam_smb_passwd.c 20 Aug 2002 23:41:57 -0000
@@ -126,9 +126,9 @@
/* obtain user record */
pdb_init_sam(&sampass);
- pdb_getsampwnam(sampass,user);
+ /*pdb_getsampwnam(sampass,user);*/
- if (sampass == NULL) {
+ if (!pdb_getsampwnam(sampass,user)) {
_log_err( LOG_ALERT, "Failed to find entry for user %s.", user
);
return PAM_USER_UNKNOWN;
}
I don't think there should be any difference between these two bits of
code (and I've not yet tested it) but I don't understand why this is
failing...
password requisite pam_cracklib.so retry=3 minlen=6 difok=3 debug
password [user_unknown=ignore success=ok new_authtok_reqd=ok
ignore=ignore default=bad] pam_ldap.so use_first_pass
password required pam_unix.so use_first_pass nullok md5 debug
password [user_unknown=ignore success=ok new_authtok_reqd=ok
ignore=ignore default=bad] pam_smbpass.so use_first_pass audit
any ideas?
brad
More information about the samba
mailing list