Building a custom auth back-end.

Christopher R. Hertel crh at
Thu Jan 9 21:44:00 GMT 2003

Abartlet, et. al.,

I've been asked to check on something.  I haven't been working with this
aspect of the authentication code in Samba so I need a little guidance.

Question:  How hard is it, if we're *not* using PAM, to build a custom 
           authentication back-end for Samba?

The reason that we (the University, where I work) are not using PAM is
that there are a lot of servers out there on all sorts of platforms.  
Some use PAM, some don't.  A general solution would need to work without.
The authentication database is a big central system.  It can do RADIUS and
LDAP and a few other schemes, but RADIUS is preferred.  It already stores
NTLMv1 hashes.

To give you an idea of scale (and why this is an interesting project), the 
central database has on the order of 130,000 user entries.  We're a big 
shop, in some ways, a lot of little shops in others.

Anyway, the goal is to let Windows users connect to Samba servers, 
authenticating against the central database.  I think it should be easy to 
do, if we have the hooks to do it.  I think I remember someone saying we 
have such hooks.  As you know, my head has been burried in my book so I'm 
a little lost with regard to such things.

Chris -)-----

Samba Team --     -)-----   Christopher R. Hertel
jCIFS Team --   -)-----   ubiqx development, uninq.
ubiqx Team --     -)-----   crh at
OnLineBook --    -)-----   crh at

More information about the samba-technical mailing list