[Samba] pam module for ldap/ADS for Solaris 2.8 to communicate with
Windows 2000ADS
Andrew Bartlett
abartlet at pcug.org.au
Wed Feb 27 03:54:12 GMT 2002
Thaung.Nyein at abbott.com wrote:
>
> Hello,
>
> In the third party software that we bought, which runs on Solaris 2.8 Server,
> we use the pam_smb version 1.9.8 to authenticate our users against the NT
> Domain. Now, our company is migrating from NT Domain to Windows 2000 ADS
> Domain in native mode. I saw the documention on SAMBA 3.0 (alpha 1-15), and
> it states that SAMBA 3.0 is compatible with ldap/ADS of Windows 2000. Have
> you created a pam module, the counterpart of pam_smb, for
> Windows 2000 ADS/ldap ? If so, where can I find the pam for ldap/ADS ?
> Thanks.
pam_smb will still work - but that module is as ugly as all heck! If
you want a real pam moudule for NT/Win2k domain intergration, use the
pam_winbind included in HEAD (and 2.2 - but the head version is better).
BTW, 'native mode' actually doesn't change that much, its the
restirctions on top of that that start getting interesting...
If you are really native (no NTLM whatsoever) then pam_krb5 might do
somthing for you, but I've never used it with Win2k.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba
mailing list