root can't log into SWAT
Scott Phelps
sphelps at ridgways.com.
Wed Nov 5 14:07:16 GMT 2003
On Tue, 2003-11-04 at 07:58, Alexander Bokovoy wrote:
> On Wed, Nov 05, 2003 at 08:46:23AM -0500, Scott Phelps wrote:
> > > > Of course xinetd is running, but when I try to log in through my browser
> > > > as root is says access denied.
> >
> > > Have you configured Samba to use PAM during build? If so, SWAT relies on
> > > PAM to perform authentication and therefore you need to have correct PAM
> > > settings for facility called 'samba' (usually /etc/pam.d/samba in Linux
> > > PAM).
> >
> > Yes I did. Here's my /etc/pam.d/samba file. This is a new
> > installation, and nothing has been modified:
> >
> > #%PAM-1.0
> > auth required pam_smbpass.so nodelay
> > account required /lib/security/pam_stack.so service=system-auth
> > session required /lib/security/pam_stack.so service=system-auth
> > password required pam_smbpass.so nodelay smbconf=/etc/samba/smb.conf
> Well, this PAM file does not need to be based on pam_smbpass actually. You
> can use just system-auth instead.
>
> >
> > BTW heres the output of my swat log:
> > [2003/11/04 05:00:16, 0] passdb/pdb_smbpasswd.c:startsmbfilepwent(189)
> > startsmbfilepwent_internal: file /etc/samba/private/smbpasswd did not
> > exist. File successfully created.
> > [2003/11/04 05:00:16, 0] auth/pampass.c:smb_pam_passcheck(810)
> > smb_pam_passcheck: PAM: smb_pam_auth failed - Rejecting User root !
> > Does root need a smbpasswd entry?
> In your current configuration, yes, it needs -- because you have
> configured it to check password against smbpasswd instead of existing
> system database (shadow, probably).
Thank you very much! However, this is not the behavior I want. I just
want to check password against the shadow file _only_. How can I fix
this?
--
Scott
More information about the samba-technical
mailing list