PAM on Solaris experiences

Steve Langasek vorlon at
Fri Apr 6 13:39:35 GMT 2001

On Fri, 6 Apr 2001, Maurice Hoeneveld wrote:

> I hope there is a wise guy out there who can hep us out.
> Im busy with the installation of a Solaris 7 (intel) machine which is
> memeber of a NT domain and also can be used from outside the campus
> using ftp (ProFTP)

> One of my questions is
> Has anyone experiences with running PAM on Solaris for the NT user validation

> The samba part I installed runs fine. Im able to share 6000 home
> directories where the user is verified against the NT domain.
> I also installed ProFTP which I want to use with the pam_smb_auth
> module (which I downloaded from and compiled it with the -lpam
> linker option) and configured pam.conf to
> use as module for ftp authentication.

> The problem is a user which is * in /etc/passwd.
> I can see (when I start Proftp in debug mode) that Pam is invoked to
> verify the username but the user can not be found.
> Logging from ProFTP as follows;

> -- received: USER testuser
> -- no supplemental groups found for user 'testuser'
> -- received: PASS (hidden)
> -- no supplemental groups found for user 'testuser'
> -- PAM(testuser): Symbol not found
> -- USER testuser (Login failed): No such user found.

> When I check de system messages I see the following;

> -- proftpd[3946]: load_modules: pam_sm_acct_mgmt() missing

This indicates that you have 'acct xxx' in your pam.conf,
but the pam_smb_auth module you have on your system doesn't provide the
functions needed for the 'acct' section.  I don't believe any version of
pam_smb_auth supports this; you will need to use a different module in the
acct section, such as pam_unix.

Steve Langasek
postmodern programmer

More information about the samba-ntdom mailing list