Samba 2.0 RedHat/PAM password troubles found and solved!
Steve Grose
sgrose at cmps.com
Wed Jan 27 19:26:16 GMT 1999
With the author's permission, I am posting this message here that was
originally posted on the redhat newsgroup:
> I tried upgrading from samba 1.9 to 2.0 on two seperate RedHat servers,
> and after both upgrades nobody could get authenticated. The windows boxes
> had the registry hacks to turn off encrypted passwords, and I'm
> authenticating out of passwd+shadow.
>
> I found many similiar posts on DejaNews and in the samba mailing list
> archives.
>
> I broke out strace and found the problem.
>
> Samba 2.0 tries to open:
>
> /etc/pam.d/samba and failing (since it doesn't exist on any box I've
> ever seen)
>
> opens
>
> /etc/pam.d/other
>
> The contents of which are:
>
> #%PAM-1.0
> auth required /lib/security/pam_deny.so
> account required /lib/security/pam_deny.so
> password required /lib/security/pam_deny.so
> session required /lib/security/pam_deny.so
>
> The authentication fails.
>
> So I created the file /etc/pam.d/samba
>
> with this content:
>
> #%PAM-1.0
> auth required /lib/security/pam_pwdb.so shadow
> account required /lib/security/pam_pwdb.so
> password required /lib/security/pam_pwdb.so shadow use_authtok
> session required /lib/security/pam_pwdb.so
>
> Now Samba 2.0 works and everyone can authenticate!
>
> You probably want to add this to your FAQ, like I said I've seen dozens of
> posts regarding this issue (some on FreeBSD w/PAM).
More information about the samba
mailing list