[Samba] PAM Module for SMB-LDAP
Matthias Eichler
me at ame.de
Thu Jan 30 10:28:23 GMT 2003
Hi Bradley,
>> pam_smbpass.so can authenticate UNIX Users via SMB-LDAP
>> but it can not be used for "passwd" from UNIX-side!!!
>> We read already the sourcecode and pam_smbpass.so always
>> wants to change the smbpasswd-file, which is not be used
>> for regular users in LDAP-mode...
> i use pam smbpass for this...
> here's my /etc/pam.d/passwd file
> password requisite pam_cracklib.so retry=3 minlen=6 difok=3 debug
> password [user_unknown=ignore success=ok new_authtok_reqd=ok
> ignore=ignore defau
> lt=bad] pam_ldap.so use_first_pass
> password required pam_unix.so use_first_pass nullok md5 debug
> password [user_unknown=ignore success=ok new_authtok_reqd=ok
> ignore=ignore defau
> lt=bad] pam_smbpass.so use_first_pass audit
And with these settings you can really change the lmpassword and
ntpassword attributes in LDAP when doing a passwd under UNIX?!?
Thanks very much,
Matthias
--
Mit freundlichen Grüßen
AME Aigner Media & Entertainment GmbH
Matthias Eichler
Leiter Technik | Technical Director
_______________________________________
AME® Aigner Media & Entertainment GmbH
Bavariaring 8 D-80336 München
Tel [+49] Ø89.427 05 - 330
Fax [+49] Ø89.427 05 - 400
http://ame.de eMail: me at ame.de
_______________________________________
Angaben nach TDG|GmbHG:ame.de/impressum
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20030130/bdb16150/attachment.bin
More information about the samba
mailing list