[Samba] pamsmb_pass, userPassword & samba(LM/NT)Password
Andrew Bartlett
abartlet at samba.org
Tue Nov 18 09:54:46 GMT 2003
On Tue, 2003-11-18 at 16:29, Chew, Darren wrote:
> Hi All,
>
> Has anyone used pam_smbpass before with Samba 3 and Solaris 9?
>
> The problem I am facing is that the sambaNTPassword/sambaLMPassword and
> the posixAccount userPassword attributes are not the same.
One of the better options would be to make your LDAP server authenticate
against the sambaNTPassword instead. If you server is OpenLDAP, you
could use a nasty sequence of OpenLDAP -> SASL (plain) -> PAM ->
pam_winbind -> winbind -> smbd -> LDAP to authenticate your users...
Someday, I'll test out if I can actually make this work, and document
it, but at least in theory, you should never need the userPassword if
the NT password is present, for plaintext at least.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20031118/054faffa/attachment.bin
More information about the samba
mailing list