[Samba] How to enable both remote and local users?
Arno Hahma
arno at jyu.fi
Mon Mar 8 09:54:23 GMT 2004
On 8. Mar, 2004, at 11:26, Manfred Odenstein wrote:
> take a look in /etc/nsswitch.conf
>
> make an entry like : "passwd: files winbind" should solve your problem
I forgot to mention, that I already have it that way. No, it does not
work.
My PAM configuration looks like this:
/etc/pam.d/samba:
#%PAM-1.0
# pam_smbpass.so authenticates against the smbpasswd file
auth required pam_smbpass.so nodelay
account required /lib/security/pam_stack.so
service=system-auth-winbind
session required /lib/security/pam_stack.so
service=system-auth-winbind
password required pam_smbpass.so nodelay
smbconf=/etc/samba/smb.conf
So, this one tries to search smbpasswd first.
/etc/pam.d/system-auth-winbind:
#%PAM-1.0
auth required /lib/security/pam_env.so
auth sufficient /lib/security/pam_unix.so likeauth nullok
use_first_pa
ss
auth sufficient /lib/security/pam_winbind.so
auth required /lib/security/pam_deny.so
account sufficient /lib/security/pam_unix.so
account required /lib/security/pam_winbind.so
password required /lib/security/pam_cracklib.so retry=3
password sufficient /lib/security/pam_unix.so nullok use_authtok
md5 shado
w
password required /lib/security/pam_deny.so
session required /lib/security/pam_mkhomedir.so
skel=/etc/skel/ umask=0
022
session required /lib/security/pam_limits.so
session required /lib/security/pam_unix.so
This one tries to search /etc/passwd, failing that, goes on to winbind.
So,
_both_ smbpasswd and /etc/passwd should be checked before winbind, but
not avail.
>
> regards odi
--
ArNO
2
More information about the samba
mailing list