"encrypt passwords=yes" + PAM ??

Scott Copus Scott.Copus at wku.edu
Wed Oct 31 07:44:11 GMT 2001


The man page for smb.conf ("obey pam restrictions" section) says:
  Note that Samba always ignores PAM for authentication in the case of
  encrypt passwords = yes .  The reason is that PAM modules cannot
  support the challenge/response authentication mechanism needed
  in the presence of SMB password encryption.

Is this ALWAYS true??  Or can this behavior be changed from
the source code's "configure" script??

Here's the scenario:
If I always have access to a user's clear-text password, then is
it even *possible* to use PAM for authentication?

Is it not possible to take a known clear-text password and encrypt
it (just as smbpasswd does!) and then compare that encrypted password
to the password that the samba server gets from the workstation?
If I'm missing something here, somebody let me know.

thanks for any suggestions!

Scott
Scott.Copus at wku.edu

-------------- next part --------------
HTML attachment scrubbed and removed


More information about the samba-ntdom mailing list