[Samba] ldap pam and samba

Peter Hübschen pehu at wiwi.uni-sb.de
Tue May 14 23:43:03 GMT 2002 

Hello,

I can't exactly answer to this question, but I can write what I know.
1. On my testbox all accounts were imported into OpenLDAP through the 
migration-tools and all accounts had shadow-passwords.
2. I managed to use TLS to access the LDAP-server.
3. Some time ago it was not possible to configure samba with "encrypted 
passwords = yes" for use with pam and I don't think, that this has 
changed (It's a pam-thing and the problems are based on the different 
and incompatible encryption methods between Windows and Linux). Maybe 
some of the developers can exactly answer this question.

So in my opinion, if you have to use PDC-functionality with LDAP, you 
have to use the "--with-ldap" option, there is at least one website, 
which describes this option.

Peter

dweise wrote:

> Well that makes me enthusiastic. But what are the passwords in your 
> LDAP plaintext?
>
> At 10:37 PM 5/14/2002 +0200, Peter Hübschen wrote:
>
>> Hello,
>>
>> I haven't tried it, but hopefully soon I will (there are some 
>> problems with the LDAP-server (nds). I think this should work:
>> - compile samba with the "--with-pam" option
>> - install nss_ldap and pam_ldap, configure them, test them
>> and it should work.
>>
>> I had the following testsetup and it worked:
>> - Client configured with nss_ldap and pam_ldap.
>> - OpenLDAP-Server on an other box
>> and I could login from the client. So the way was:
>>
>> login -> pam -> pam_ldap -> LDAP-Server
>> and it worked.
>>
>> You have the following way:
>> samba -> pam -> pam_ldap-> LDAP-Server
>> so I think, this should work.
>>
>> One thing I'm not sure about:
>> If you want to use samba as PDC for Win2k/XP this doesn't work via pam.
>>
>>
>> Hope that helps
>> Peter
>>
>>
>> dweise wrote:
>>
>>> hello,
>>>    can i authenticate samba to pam and then ldap? thank you.
>>>
>>> --David Weise
>>>   OIT
>>>   Rider University
>>>
>>> "The real race is not on the hot, paved road, the torturous off-road 
>>> course or the smooth-surface velodrome. It is in the electrochemical 
>>> pathways of your mind."--Alexi Grewal
>>
>>
>>
>
> --David Weise
>   OIT
>   Rider University
>
> "The real race is not on the hot, paved road, the torturous off-road 
> course or the smooth-surface velodrome. It is in the electrochemical 
> pathways of your mind."--Alexi Grewal
>

More information about the samba mailing list