pam_smbpass and passdb backends

Jelmer Vernooij jelmer at duidelijk.net
Tue Jun 10 19:05:07 GMT 2003


Try to test the mysql backend from smbd first - e.g. run smbd with
'passdb backend = mysql' and connect to it using smbclient. Then read
the logs for useful information.

Jelmer

On Tue, Jun 10, 2003 at 02:46:35PM -0300, Fernando Brunelli wrote about 'pam_smbpass and passdb backends':
> I?m trying to configure pam_smbpass to use mysql passdb backend but I get on syslog (/var/log/messages)

> Jun 10 14:28:13 marguerita PAM_smbpass[31374]: Cannot access samba password database
> Jun 10 14:28:13 marguerita login[31374]: FAILED LOGIN 1 FROM (null) FOR teste1, Authentication service cannot retrieve authentication info.

> The database is running and samba working.
> If I disable passdb backend in smb.conf and use the traditional smbpasswd file it works fine.

> For information, follows the pam configuration, samba configure command and smb.conf file


> Fernando Brunelli


> /etc/pam.d/login:
> %<--------------------------------------------------------------------------------
> #%PAM-1.0
> auth       requisite        pam_nologin.so
> auth       required         pam_smbpass.so
> account    required         pam_smbpass.so
> password   required         pam_smbpass.so audit debug smbconf=/etc/samba/smb.conf
> session    required         pam_unix.so
> %<--------------------------------------------------------------------------------

> samba-3.0.0beta1

> ./configure --host=i686-pc-linux-gnu --build=i686-pc-linux-gnu --target=i386-redhat-linux --program-prefix= --prefix=/usr --exec-prefix=/usr
> --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share --includedir=/usr/include --libdir=/usr/lib --libexecdir=/usr/libexec
> --localstatedir=/var --sharedstatedir=/usr/com --mandir=/usr/share/man --infodir=/usr/share/info --libdir=/etc/samba --with-fhs
> --with-privatedir=/etc/samba --with-lockdir=/var/cache/samba --with-swatdir=/usr/share/swat --with-codepagedir=/usr/share/samba/codepages 
> --with-syslog \
> --enable-cups \
> --with-automount \
> --with-smbmount \
> --with-pam \
> --with-mmap \
> --with-quotas \
> --without-smbwrapper \
> --with-libsmbclient \
> --with-utmp
> --with-piddir=/var/run \
> --with-acl-support \
> --with-vfs \
> --with-pam_smbpass \
> --with-msdfs \
> --with-expsam=mysql

> smb.conf:
> %<-------------------------------------------------------------------------------------------------

> [global]
>    passdb backend = mysql:mysql
>    mysql:mysql host = localhost
>    mysql:mysql user = root
>    mysql:mysql database = authentication
>    mysql:table = users

>    netbios name = my-name
>    workgroup = my-domain

> # Uncomment this if you want a guest account, you must add this to /etc/passwd
> # otherwise the user "nobody" is used
> ;  guest account = pcguest

>   security = user

>   encrypt passwords = yes
> ;  smb passwd file = /etc/samba/smbpasswd

> # Using the following line enables you to customise your configuration
> # on a per machine basis. The %m gets replaced with the netbios name
> # of the machine that is connecting
> ;   include = /etc/samba/smb.conf.%m

>    socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192

>    local master = yes

>    domain master = yes
>    preferred master = yes

>    domain logons = yes

> ;   logon path = \\%L\Profiles\%U

>    log level = 2

> #============================ Share Definitions ==============================
> [homes]
>    comment = Home Directories
>    browseable = no
>    writable = yes

> [netlogon]
>    comment = Network Logon Service
>    path = /var/lib/samba/netlogon
>    guest ok = yes
>    writable = no
>    share modes = no

> [Profiles]
>     path = /var/lib/samba/profiles
>     browseable = no
>     guest ok = yes

-- 
Jelmer Vernooij <jelmer at nl.linux.org> - http://jelmer.vernstok.nl/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20030610/25ad34fd/attachment.bin


More information about the samba-technical mailing list