[Samba] [Fwd: Winbind under 3.0
Andrew Bartlett
abartlet at samba.org
Tue Sep 30 14:00:25 GMT 2003
On Tue, 2003-09-30 at 05:34, Ron Garcia-Vidal wrote:
> Jelmer Vernooij wrote:
>
> >>So under 2.8 this was happening, until I realized I hadn't installed
> >>libpam-smbpass. Once I did this, access was granted. After I upgraded
> >>I checked that all relevant packages were at 3.0beta2 and they were,
> >>including libpam-smbpass. So am I missing another library? Am I
> >>missing something in my smb.conf file? Here's the output of testparm:
> >>
> >>
> >libpam-smbpass is not required to make samba work correctly. It is of
> >absolutely no use when you put it inside /etc/pam.d/samba.
> >
> Well, under 2.8 it didn't work until I installed that library. Maybe a
> quirk with my setup. No biggie, your statement is certainly true for 3.0.
>
> >>~ obey pam restrictions = Yes
> >>
> >>
> >^^ obey pam restrictions is only useful if you have 'encrypt passwords =
> >no'
This is incorrect. 'obey pam restrictions' is about using pam's account
and session management code, despite using encrypted passwords.
> >
> I was using obey pam restrictions because I had the line:
>
> session required pam_mkhomedir.so skel=/etc/skel umask=0022
What was the rest of this file?
> in pam.d/samba, in order to autocreate home directories when users
> accessed via smb. Setting "obey pam restrictions" to no (or commenting
> it out) fixed the access problem I was having (Thanks very much!) but
> now home directories aren't being autocreated. This is minor and will
> probably only result in mild annoyance on the part of my users, but if
> anyone knows of a way I can have my cake and eat it too, please do tell!
Check what you have for the 'account' line - make sure it's valid by
checking what you have for SSH etc. Otherwise, this looks like a pretty
normal setup.
Andrew Bartlett
> --
> -Ron
>
> +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
> God's got a heaven for coutnry trash -- Johnny Cash
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20030930/ee1d10d7/attachment.bin
More information about the samba
mailing list