[Samba] Smb-LDAP Authentification -- HowTo IDEALX

Markus Schabel markus.schabel at tgm.ac.at
Wed Jul 24 00:33:04 GMT 2002 

try changing your pam.d/sshd:

password sufficient pam_ldap.so      use_authtok

greetz

----- Original Message -----
From: <Jan_Riedel at gish.de>
To: <samba at lists.samba.org>
Sent: Wednesday, July 24, 2002 9:15 AM
Subject: [Samba] Smb-LDAP Authentification -- HowTo IDEALX


>
> Hello All,
>
> I have a problem with the autentification using SAMBA and LDAP. I use the
> SMBLDAP HowTo from IDEALX , but I use SuSE 7.3 as distribution. I compiled
SAMBA
> 2.2.5 and use the OpenLDAP from the distribution. The problem is: I can´t
join
> the domain with W2K and I guess it is a problem with the authentification
with
> LDAP. Because when I use the example from the HowTo to create a user as:
> degislx1:> smbldap-useradd.pl -m -a smbtest
> degislx1:> smbldap-passwd.pl smbtest
>
> Setting the password and thn try to:
>
> degislx1:> ssh smbtest at degislx1
>
> After typing the password there is an error message called: Permisson
denied.
> And the /var/log/messages says:
> Jul 24 12:15:25 degislx1 sshd[6408]: PAM pam_set_item: NULL pam handle
passed
> Jul 24 12:15:27 degislx1 sshd[6408]: PAM pam_set_item: NULL pam handle
passed
> Jul 24 12:15:27 degislx1 sshd[6408]: Failed password for illegal user
smbtest
> from ::1 port 33262
> Jul 24 12:15:29 degislx1 sshd[6408]: PAM pam_set_item: NULL pam handle
passed
> Jul 24 12:15:29 degislx1 sshd[6408]: Failed password for illegal user
smbtest
> from ::1 port 33262
> Jul 24 12:15:30 degislx1 sshd[6408]: PAM pam_set_item: NULL pam handle
passed
> Jul 24 12:15:30 degislx1 sshd[6408]: Failed password for illegal user
smbtest
> from ::1 port 33262
> Jul 24 12:15:30 degislx1 sshd[6408]: Connection closed by ::1
>
> I have modified the pam module in /etc/pam.d/sshd to :
>
> #%PAM-1.0
> auth     required      pam_nologin.so
> auth     sufficient    pam_ldap.so
> auth     required      pam_unix.so      use_first_pass # set_secrpc
> account  required      pam_unix.so
> password required      pam_pwcheck.so
> password required      pam_ldap.so      use_authtok
> password required      pam_unix.so      use_first_pass use_authtok
> session  required      pam_unix.so
> session  required      pam_limits.so
> session  required      pam_env.so
> session  optional      pam_mail.so
>
> When I type in getent passwd I get all the users in passwd and LDAP tree
and I
> also change /etc/nsswitch.conf to required values...
>
> What can be the error ???
>
> Thx for your help,
> Jan
>
>
>
>
>
>
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
>

More information about the samba mailing list