root can't log into SWAT

Alexander Bokovoy a.bokovoy at
Tue Nov 4 12:58:09 GMT 2003

On Wed, Nov 05, 2003 at 08:46:23AM -0500, Scott Phelps wrote:
> > > Of course xinetd is running, but when I try to log in through my browser
> > > as root is says access denied.
> > Have you configured Samba to use PAM during build? If so, SWAT relies on
> > PAM to perform authentication and therefore you need to have correct PAM
> > settings for facility called 'samba' (usually /etc/pam.d/samba in Linux
> > PAM).
> Yes I did.  Here's my /etc/pam.d/samba file.  This is a new
> installation, and nothing has been modified:
> #%PAM-1.0
> auth       required nodelay
> account    required     /lib/security/ service=system-auth
> session    required     /lib/security/ service=system-auth
> password   required nodelay smbconf=/etc/samba/smb.conf
Well, this PAM file does not need to be based on pam_smbpass actually. You
can use just system-auth instead.

> BTW heres the output of my swat log:
> [2003/11/04 05:00:16, 0] passdb/pdb_smbpasswd.c:startsmbfilepwent(189)
>   startsmbfilepwent_internal: file /etc/samba/private/smbpasswd did not
> exist. File successfully created.
> [2003/11/04 05:00:16, 0] auth/pampass.c:smb_pam_passcheck(810)
>   smb_pam_passcheck: PAM: smb_pam_auth failed - Rejecting User root !
> Does root need a smbpasswd entry?
In your current configuration, yes, it needs -- because you have
configured it to check password against smbpasswd instead of existing
system database (shadow, probably).
/ Alexander Bokovoy
Samba Team            
ALT Linux Team        
Midgard Project Ry    

More information about the samba-technical mailing list