[Samba] Setting up PDC with PAM
cabotp at intergate.ca
Mon Mar 10 06:09:11 GMT 2003
According to the documentation on setting up Samba to be a PDC. It says
that you have to enable encrypted passwords for it to work!
Now for Samba with PAM to work the documentation says that you can't
have encrypted passwords enabled!
So does that mean that I can't set up Samba has a PDC and use PAM to
authenticate the users!
Reason I ask is I did have Samba set up as a PDC with 3 windows client
computers, 2 with Windows 2000, one with Windows XP!
I then deciced to try and use PAM so I went into the registry of the 3
clients and set it to enableplaintextpasswords = 1
And I set Samba to plain text passwords and to obey pam restrictions!
Pam now works Ie if I change the password with smbpasswd the unix
password is changed as well!
But the problem I'm having is!
When a I logon to the domain, My username and Password are excepted but
then I get a message on windows saying that it couldn't access my
profile and will use a local profile, also it mentions that the username
and password might not be correct! Once I have the windows desktop I
can't access my home network drive (The one that you set Samba to), but
if I go into the network area and access the domain there and then
access the server it asks for my username and password and voila it
works I can access the profiles and home shares!
Here is my smb.conf file
workgroup = DOMAIN
netbios name = CABOTP
server string = Samba Server %v %h
obey pam restrictions = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n
username map = /etc/samba/smbusers
unix password sync = Yes
log level = 1
log file = /var/log/samba/%m.log
max log size = 50
time server = Yes
printcap name = lpstat
logon script = %U.vbs
logon path = \\%L\Profiles\%U
logon drive = Z:
logon home = \\%L\%U
domain logons = Yes
os level = 64
preferred master = Yes
domain master = Yes
wins support = Yes
hosts allow = 192.168.0.0/24, 127.0.0.1
printing = lprng
comment = Home Directories
valid users = %S
admin users = root,paul
read only = No
create mask = 0664
directory mask = 0775
strict allocate = Yes
strict locking = Yes
comment = Network Logon Service
path = /var/spool/samba/netlogon
write list = root
path = /var/spool/samba/profiles
read only = No
csc policy = disable
More information about the samba