[Samba] samba + ldap + pam_mkhomedir ?

Buchan Milne bgmilne at cae.co.za
Tue May 6 13:04:50 GMT 2003 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> Date: Tue, 6 May 2003 12:16:22 +0200
> From: "Nicki Messerschmidt, Linksystem Muenchen GmbH" <samba at alienn.net>
> To: <samba at lists.samba.org>
> Cc: Charles Trtanj <c.trtanj at buero.link-m.de>
> Subject: [Samba] samba + ldap + pam_mkhomedir ?
> Message-ID: <03ec01c313b8$b4d60160$d0551ec3 at linkm.de>
> Content-Type: text/plain;
> 	charset="utf-8"
> MIME-Version: 1.0
> Content-Transfer-Encoding: 7bit
> Precedence: list
> Message: 10
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi list,
> I'm on the way to implement samba with ldap on five servers (each owns
> a different nt-domain) and a master server which maintains the central
> user database which gets replicated to all the other servers.

BTW, I would apprectiate your comments on this document then:

http://ranger.dnsalias.com/samba-ldap-advanced.html

> Now I
> have just one more problem, namely homedirs. I want every user to have
> a homedir to store for example his profile. This has to exist, and it
> would be nice if I could use pam_mkhomedir to create it, but (without
> testing) I figure that samba has to authenticate against pam, am I
> right?

No, you don't need to auth via pam, see "obey pam restrictions".

I guess I should add the stuff about pam_mkhomedir (though we use rsync
and NFS, so we don't need this ourselves).

> But if I let samba autheticate against pam, do I still have all
> the information available, when autenticating against ldap?
> What I planned is this:
> User log onto pdc -> authentication against pam -> pam autheticates
> against ldap
>                   |
>                    -> if homedir exists everything is fine
>                     else
>                    -> pam_mkhomedir creates homedir on server
>
> Has anyone done something like this before and could provide some
> information?

Regards,
Buchan

- --
|--------------Another happy Mandrake Club member--------------|
Buchan Milne                Mechanical Engineer, Network Manager
Cellphone * Work            +27 82 472 2231 * +27 21 8828820x121
Stellenbosch Automotive Engineering         http://www.cae.co.za
GPG Key                   http://ranger.dnsalias.com/bgmilne.asc
1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE+t7LxrJK6UGDSBKcRAoNgAJ9wwN2/KYZc+7n0P2uabTym2m2wLgCfVOMF
H/hKSuBE5YtIwr0TC6z5H9A=
=3kct
-----END PGP SIGNATURE-----

More information about the samba mailing list