[Samba] urgent help needed! pam_smb auth any password...
Andrew Bartlett
abartlet at samba.org
Fri Oct 10 04:07:42 GMT 2003
On Thu, 2003-10-09 at 00:53, Jelmer Vernooij wrote:
> On Wed, 2003-10-08 at 14:50, Luís Miguel Silva wrote:
> > All the other samba servers auth nicely on samba 3.0, and im able to logon the domain, but...
> > when i try to auth an account with pam_smb, i can ALLWAYS connect!
> >
> > It accepts ANY login/password pair!
> >
> > I read the pam_smb "warning" which said:
> > This version contains a bug-fix that stops pam_smb from authenticating
> > against servers in share mode i.e. Win 95 or samba in share mode.
> > If you had a share mode server by mistake in your pam_smb.conf
> > anyone could log in to any a/c on your machine with no password !!!
> >
> > I allready installed this version...and checked the code and it doesnt seem to do no good.
> >
> > Can anybody help me with this?
> >
> > My pam_smb version is 1.1.7
> pam_smb is not a module from Samba, so you probably would have a better
> response at the pam_smb mailinglist.
>
> Jelmer
Furthermore, I would strongly advise against the use of pam_smb - it
does nothing to check that it is indeed talking to the correct server.
I always recommend the use of pam_winbindd instead.
To match pam_smb behaviour, you might want to use the 'winbind use
default domain' option in your smb.conf.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20031010/fb2c12d4/attachment.bin
More information about the samba
mailing list