Authentification via PAM AND smbpasswd
olpa at sybcom.de
olpa at sybcom.de
Wed Sep 6 07:30:59 GMT 2000
On Yesterday, Peter Samuelson wrote:
> Date: Tue, 5 Sep 2000 21:14:21 -0500 (CDT)
> From: Peter Samuelson <peter at cadcamlab.org>
> To: olpa at sybcom.de
> Cc: samba-ntdom at us4.samba.org
> Subject: Re: Authentification via PAM AND smbpasswd
>
>
> [olpa-samba at sybcom.de <olpa-samba at sybcom.de>]
> > I want to authenticate users against the NDS via PAM and use samba
> > TNG as a PDC.
>
> Can't have both. The problem is that as a PDC, Samba needs to store NT
> password hashes and do its own authentication; it cannot use PAM,
> whether that be pam_ldap or anything else, because PAM is not quite
> flexible enough to allow for the necessary challenge-response from the
> application side.
>
> Basically, a PDC must have `encryption = yes'....
>
> What you need is for Samba to use a direct LDAP or NDS lookup, and
> store its own passwords in your NDS database. This may be possible --
> Samba does have *some* LDAP support -- but I have no idea how to go
> about setting it up.
>
> Peter
Hi,
I experienced a bit with SAMBA <-> LDAP and this will require the change
of the schema for the NDS.
I thought more of something like
password encryption for machines = yes
password encryption for users = no
and then, for the latter case use PAM (and thus NDS)
---
Running Windows on a Pentium is like having a brand new Porsche but only
be able to drive backwards with the handbrake on.
(Unknown source)
---
Oliver Pabst .-------------------------.
mailto:olpa at sybcom.de : :
phone :+49 681 56600600 : project department : SYBCOM GmbH
fax :+49 681 56600660 : : http://www.sybcom.de
More information about the samba-ntdom
mailing list