pam_smbpass and passdb backends
Jelmer Vernooij
jelmer at duidelijk.net
Tue Jun 10 19:05:07 GMT 2003
Try to test the mysql backend from smbd first - e.g. run smbd with
'passdb backend = mysql' and connect to it using smbclient. Then read
the logs for useful information.
Jelmer
On Tue, Jun 10, 2003 at 02:46:35PM -0300, Fernando Brunelli wrote about 'pam_smbpass and passdb backends':
> I?m trying to configure pam_smbpass to use mysql passdb backend but I get on syslog (/var/log/messages)
> Jun 10 14:28:13 marguerita PAM_smbpass[31374]: Cannot access samba password database
> Jun 10 14:28:13 marguerita login[31374]: FAILED LOGIN 1 FROM (null) FOR teste1, Authentication service cannot retrieve authentication info.
> The database is running and samba working.
> If I disable passdb backend in smb.conf and use the traditional smbpasswd file it works fine.
> For information, follows the pam configuration, samba configure command and smb.conf file
> Fernando Brunelli
> /etc/pam.d/login:
> %<--------------------------------------------------------------------------------
> #%PAM-1.0
> auth requisite pam_nologin.so
> auth required pam_smbpass.so
> account required pam_smbpass.so
> password required pam_smbpass.so audit debug smbconf=/etc/samba/smb.conf
> session required pam_unix.so
> %<--------------------------------------------------------------------------------
> samba-3.0.0beta1
> ./configure --host=i686-pc-linux-gnu --build=i686-pc-linux-gnu --target=i386-redhat-linux --program-prefix= --prefix=/usr --exec-prefix=/usr
> --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share --includedir=/usr/include --libdir=/usr/lib --libexecdir=/usr/libexec
> --localstatedir=/var --sharedstatedir=/usr/com --mandir=/usr/share/man --infodir=/usr/share/info --libdir=/etc/samba --with-fhs
> --with-privatedir=/etc/samba --with-lockdir=/var/cache/samba --with-swatdir=/usr/share/swat --with-codepagedir=/usr/share/samba/codepages
> --with-syslog \
> --enable-cups \
> --with-automount \
> --with-smbmount \
> --with-pam \
> --with-mmap \
> --with-quotas \
> --without-smbwrapper \
> --with-libsmbclient \
> --with-utmp
> --with-piddir=/var/run \
> --with-acl-support \
> --with-vfs \
> --with-pam_smbpass \
> --with-msdfs \
> --with-expsam=mysql
> smb.conf:
> %<-------------------------------------------------------------------------------------------------
> [global]
> passdb backend = mysql:mysql
> mysql:mysql host = localhost
> mysql:mysql user = root
> mysql:mysql database = authentication
> mysql:table = users
> netbios name = my-name
> workgroup = my-domain
> # Uncomment this if you want a guest account, you must add this to /etc/passwd
> # otherwise the user "nobody" is used
> ; guest account = pcguest
> security = user
> encrypt passwords = yes
> ; smb passwd file = /etc/samba/smbpasswd
> # Using the following line enables you to customise your configuration
> # on a per machine basis. The %m gets replaced with the netbios name
> # of the machine that is connecting
> ; include = /etc/samba/smb.conf.%m
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> local master = yes
> domain master = yes
> preferred master = yes
> domain logons = yes
> ; logon path = \\%L\Profiles\%U
> log level = 2
> #============================ Share Definitions ==============================
> [homes]
> comment = Home Directories
> browseable = no
> writable = yes
> [netlogon]
> comment = Network Logon Service
> path = /var/lib/samba/netlogon
> guest ok = yes
> writable = no
> share modes = no
> [Profiles]
> path = /var/lib/samba/profiles
> browseable = no
> guest ok = yes
--
Jelmer Vernooij <jelmer at nl.linux.org> - http://jelmer.vernstok.nl/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20030610/25ad34fd/attachment.bin
More information about the samba-technical
mailing list