PAM and NT'ed Linux ..
Luke Kenneth Casson Leighton
lkcl at regent.push.net
Thu Apr 30 16:35:54 GMT 1998
On Thu, 30 Apr 1998, Andrew Morgan wrote:
> Luke Kenneth Casson Leighton writes:
> > On Thu, 30 Apr 1998, Dave Airlie wrote:
> > > I have seen your posting about there being a problem with Linux becoming
> > > NT'ed, due to the incompleteness of PAM,
> > >
> > > I am just wondering how much work it would be to allow
> > >
> > > DOMAIN\USERNAME as a username for most programs and then have the PAM
> > > module get this string and work it out from there ....
> > funnily enough i've been thinking EXACTLY the same thing for a few days!!!
> > > I might play around with this idea with pam_smb later on today to see ...
> > >
> > > Does anyone on the pam_list have any reason why a username of that type
> > > might cause problems ?
> > it might have to be turned into a real user, but that can be done by
> > modifying the PAM_USER_DATA (or whatever) data field. does anyone on the
> > pam_list have any problem / issue with _that_, and in particular, will it
> > cause problems for applications?
> I probably would have some comments and suggestions, I just do not
> understand what you are talking about! Please could you elaborate?
> Are you trying to make a module that will plug into login, for
> example? If so, what would I as an applicant user see in the way of
> prompts and what would login need to support in order to work?
based on pam_unix, it would be identical to the login / logout system, but
would potentially _change_ the username that the user actually logged in
e.g from \\DOMAIN\lkcl to lkcl_dom (or just to guest or nobody)
e.g from Administrator to root
such that you do
regent login: Administrator
Last Login: some_time_ago
More information about the samba-ntdom