pdw at ferret.lmh.ox.ac.uk
Tue Nov 16 23:33:34 GMT 1999
On Tue, 16 Nov 1999, Edward Schernau wrote:
> Paul Warren wrote:
> > On Mon, 15 Nov 1999, Tavis Barr wrote:
> > > All that mksmbpasswd does is write a correctly-formatted SMB password
> > > file with an invalid entry in the password field. This means that all of
> > There is a PAM module around that allows you to do exactly this. It is
> > then trivial to set up such that /bin/passwd changes both passwords, with
> > whatever password quality checking you feel like imposing with eg.
> > pam_limits.so
> Hey, for the PAM-impaired among us, how can we do this?
Once you have located, built and installed pam_smbpass.so, the following
lines in /etc/pam.d/passwd should do the trick...
auth required /lib/security/pam_pwdb.so shadow nullok
account required /lib/security/pam_pwdb.so
password required /lib/security/pam_cracklib.so retry=3
password required /lib/security/pam_pwdb.so use_authtok
password required /lib/security/pam_smbpass.so use_first_pass use_authtok
> Also, an utterly OT PAM question - how can you enable null passwords?
Remove the cracklib line, and give pam_pwdb.so the nullok option, I think.
More information about the samba-ntdom