[Samba] PAM Module for SMB-LDAP

Matthias Eichler me at ame.de
Thu Jan 30 10:28:23 GMT 2003

Hi Bradley,

>> pam_smbpass.so can authenticate UNIX Users via SMB-LDAP
>> but it can not be used for "passwd" from UNIX-side!!!
>> We read already the sourcecode and pam_smbpass.so always
>> wants to change the smbpasswd-file, which is not be used
>> for regular users in LDAP-mode...

> i use pam smbpass for this...
> here's my /etc/pam.d/passwd file
> password requisite      pam_cracklib.so retry=3 minlen=6 difok=3 debug
> password [user_unknown=ignore success=ok new_authtok_reqd=ok
> ignore=ignore defau
> lt=bad] pam_ldap.so use_first_pass
> password required       pam_unix.so use_first_pass nullok md5 debug
> password [user_unknown=ignore success=ok new_authtok_reqd=ok
> ignore=ignore defau
> lt=bad] pam_smbpass.so use_first_pass audit

And with these settings you can really change the lmpassword and
ntpassword attributes in LDAP when doing a passwd under UNIX?!?

Thanks very much,



Mit freundlichen Grüßen
AME Aigner Media & Entertainment GmbH

Matthias Eichler
Leiter Technik | Technical Director

AME® Aigner Media & Entertainment GmbH
Bavariaring 8        D-80336 München

Tel [+49] Ø89.427 05 - 330
Fax [+49] Ø89.427 05 - 400

http://ame.de        eMail: me at ame.de
Angaben nach TDG|GmbHG:ame.de/impressum
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20030130/bdb16150/attachment.bin

More information about the samba mailing list