Fwd: PAMSMBD ?

Andrew Bartlett abartlet at samba.org
Fri Jul 19 02:54:02 GMT 2002


Lloyd Lowe wrote:
> 
> ----------  Forwarded Message  ----------
> 
> Subject: PAMSMBD ?
> Date: Tue, 16 Jul 2002 16:54:33 +0200
> From: Lloyd Lowe <babyscout at softhome.net>
> To: samba-bugs at samba.org
> 
> Can you tell me where to find PAMSMBD ? I have searched the file structure
> and the uninstalled code. THe file doesn't seem to show itself. According to
> the information provided, the file should be in the /usr/local/sbin
> directory, but this in not the case. The package I have downloaded was from 3
> different site so It's either me or the Package source. The sopurce is
> pam_smb-1.1.6.tar.gz. I would like to have the Authentication done by our
> resident EVIL, but so far this has been nothing short of frustrating. I have
> managed to sorth out config files so that it will now what to look for but as
> far as the software is concerned It's still got a missing bit which mus be
> added to the rc.local

Two things:

- there is no such thing as pamsmbd to my knowlege.

- use of pam_smb is a bad idea anyway:
   - it is a GPL'ed PAM module, 
   - it is insecure (vunrable to spoofing)
   - it is slow:  it must connect to the PDC once per authenticaion.

Samba 2.2.5 and above provide 'pam_winbind', which uses winbindd to do
the same thing, without any of these problems.   Samba HEAD adds
'winbind use default domain', where users don't need to 'prefix' their
username like so 'domain\username'.

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net




More information about the samba-technical mailing list