[Samba] Smb-LDAP Authentification -- HowTo IDEALX
Jan_Riedel at gish.de
Jan_Riedel at gish.de
Wed Jul 24 00:20:04 GMT 2002
Hello All,
I have a problem with the autentification using SAMBA and LDAP. I use the
SMBLDAP HowTo from IDEALX , but I use SuSE 7.3 as distribution. I compiled SAMBA
2.2.5 and use the OpenLDAP from the distribution. The problem is: I can´t join
the domain with W2K and I guess it is a problem with the authentification with
LDAP. Because when I use the example from the HowTo to create a user as:
degislx1:> smbldap-useradd.pl -m -a smbtest
degislx1:> smbldap-passwd.pl smbtest
Setting the password and thn try to:
degislx1:> ssh smbtest at degislx1
After typing the password there is an error message called: Permisson denied.
And the /var/log/messages says:
Jul 24 12:15:25 degislx1 sshd[6408]: PAM pam_set_item: NULL pam handle passed
Jul 24 12:15:27 degislx1 sshd[6408]: PAM pam_set_item: NULL pam handle passed
Jul 24 12:15:27 degislx1 sshd[6408]: Failed password for illegal user smbtest
from ::1 port 33262
Jul 24 12:15:29 degislx1 sshd[6408]: PAM pam_set_item: NULL pam handle passed
Jul 24 12:15:29 degislx1 sshd[6408]: Failed password for illegal user smbtest
from ::1 port 33262
Jul 24 12:15:30 degislx1 sshd[6408]: PAM pam_set_item: NULL pam handle passed
Jul 24 12:15:30 degislx1 sshd[6408]: Failed password for illegal user smbtest
from ::1 port 33262
Jul 24 12:15:30 degislx1 sshd[6408]: Connection closed by ::1
I have modified the pam module in /etc/pam.d/sshd to :
#%PAM-1.0
auth required pam_nologin.so
auth sufficient pam_ldap.so
auth required pam_unix.so use_first_pass # set_secrpc
account required pam_unix.so
password required pam_pwcheck.so
password required pam_ldap.so use_authtok
password required pam_unix.so use_first_pass use_authtok
session required pam_unix.so
session required pam_limits.so
session required pam_env.so
session optional pam_mail.so
When I type in getent passwd I get all the users in passwd and LDAP tree and I
also change /etc/nsswitch.conf to required values...
What can be the error ???
Thx for your help,
Jan
More information about the samba
mailing list