[Samba] Smb-LDAP Authentification -- HowTo IDEALX

Jan_Riedel at gish.de Jan_Riedel at gish.de
Wed Jul 24 00:20:04 GMT 2002 

Hello All,

I have a problem with the autentification using SAMBA and LDAP. I use the
SMBLDAP HowTo from IDEALX , but I use SuSE 7.3 as distribution. I compiled SAMBA
2.2.5 and use the OpenLDAP from the distribution. The problem is: I can´t join
the domain with W2K and I guess it is a problem with the authentification with
LDAP. Because when I use the example from the HowTo to create a user as:
degislx1:> smbldap-useradd.pl -m -a smbtest
degislx1:> smbldap-passwd.pl smbtest

Setting the password and thn try to:

degislx1:> ssh smbtest at degislx1

After typing the password there is an error message called: Permisson denied.
And the /var/log/messages says:
Jul 24 12:15:25 degislx1 sshd[6408]: PAM pam_set_item: NULL pam handle passed
Jul 24 12:15:27 degislx1 sshd[6408]: PAM pam_set_item: NULL pam handle passed
Jul 24 12:15:27 degislx1 sshd[6408]: Failed password for illegal user smbtest
from ::1 port 33262
Jul 24 12:15:29 degislx1 sshd[6408]: PAM pam_set_item: NULL pam handle passed
Jul 24 12:15:29 degislx1 sshd[6408]: Failed password for illegal user smbtest
from ::1 port 33262
Jul 24 12:15:30 degislx1 sshd[6408]: PAM pam_set_item: NULL pam handle passed
Jul 24 12:15:30 degislx1 sshd[6408]: Failed password for illegal user smbtest
from ::1 port 33262
Jul 24 12:15:30 degislx1 sshd[6408]: Connection closed by ::1

I have modified the pam module in /etc/pam.d/sshd to :

#%PAM-1.0
auth     required      pam_nologin.so
auth     sufficient    pam_ldap.so
auth     required      pam_unix.so      use_first_pass # set_secrpc
account  required      pam_unix.so
password required      pam_pwcheck.so
password required      pam_ldap.so      use_authtok
password required      pam_unix.so      use_first_pass use_authtok
session  required      pam_unix.so
session  required      pam_limits.so
session  required      pam_env.so
session  optional      pam_mail.so

When I type in getent passwd I get all the users in passwd and LDAP tree and I
also change /etc/nsswitch.conf to required values...

What can be the error ???

Thx for your help,
Jan

More information about the samba mailing list