[PATCH] Remove pam_smbpass module from Samba source code

Simon Nagl simonnagl at aim.com
Thu Mar 10 16:27:10 UTC 2016

> Am 10.03.2016 um 12:09 schrieb Volker Lendecke <Volker.Lendecke at SerNet.DE>:
> On Thu, Mar 10, 2016 at 11:24:10AM +0100, Simon Nagl wrote:
>> I have a problem using pam_smbpass. After looking
>> searching in the sources and this mailing list I noticed
>> pam_smbpass is removed with version 4.4. I am actual using
>> version 4.3.
>> I have multiple Network attached storages wich need to
>> have local accounts. These accounts should be used to for
>> samba and other unix services. Till now I updated unix and
>> samba accounts separately. For that I tried to use
>> pam_smbpass with the migrate option but it did not work.
>> Trying to log in with ssh tells me: 
>> packet_write_wait: Connection to 192.168.xxx.xxx: Broken pipe
>> Now I have some questions:
>> 1) Can you imagine to implement a pam_module which can be used for my use-case?
> pam_winbind should do it. Of course winbind must be running
> locally.

Then I think I need some help. I agree with you that when running winbind locally pam_winbind can be used to sync passwords.
But user administration must be done twice. For example if I want to create a new user „testuser“ it needs two steps:

# useradd testuser
# pdbedit -a -u testuser

I do not see a way to configure pam to add a samba user.
Also I cannot add a samba user without a corresponding unix user.

Is it possible to configure samba to authenticate agains a local ldap-server without joining a domain?
Then this could be a possible configuration.


More information about the samba-technical mailing list