[Samba] samba pam kerberos

aarumuga arumugam eccsamba at yahoo.com
Tue Apr 6 05:23:00 GMT 2004

Hi Everybody,
           We are working on samba 3.0.2a with sun
kerberos SEAM and Netscape iDirectory Server support. 
We are able to integrate samba with ldap support. we
tried integrater kerberos for authentication. We found
a solution using pam via pam_krb5 module provided by
the sun solaris 8. 

One important fact we found out using samba pam
authentication, it directly calls for an account
management function instead of an authentication
function. Please refer pam_smb_accountcheck function
() in pampass.c in source/auth . 

We have included options like obey pam instructions
and pam password change to be positive in smb.conf 
and we have included information about samba service
in the pam configuration file. we have included
information about pam in the krb5.conf of kerberos. I
have also set  the encrypt password to be positive in
smb.conf file. 

I am able to get a solaris machine getting
authenticated by the kerberos server.The problem is
when i try to join a Win xp computer to the samba
server . I get access denied error. when i check the
samba logs, i could find the samba sam authentication
succeded but when the pam authentication takes place ,
It says authentication failed , User rejected etc., 

I could not find any information about samba server
contacting in the kerberose server logs.
SAMBA server is not contacting the KERBEROS server for
Please any suggestions is appreciated. I could send
the configuration of samba and pam and kerberos if the
information is not sufficient. 


Do you Yahoo!?
Yahoo! Small Business $15K Web Design Giveaway 

More information about the samba mailing list