[Samba] Re: samba 3.0.4 on SLES8: password sync will
not work...(decode_pw_buffer: incorrect password length)
Gerald Drouillard
GerryList at Drouillard.ca
Tue May 18 11:01:07 GMT 2004
RRuegner wrote:
> Hi Cris again, youre right in this setup i use
> smbpasswd backend with samba 3.0.4 , cause i also patched the pptpd to
> look at it,
> but i didnt noticed any problem using smbpasswd instead
> of tdb ( but for sure it is not recomended any more )
> I use this for a small network, but everything works which is from need
> for a pdc.
> In other networks i use ldap, cause of using bdc and advanced features
> I think the use of the smb passwd backends (tdb, ldap etc ) has to fit
> to your needs, and what you prefer, in this case pam and smbpasswd gives
> me help
> in being compatibel to older stuff which i wanna use ,too.
I was just playing with PAM last night to allow user to change their
passwords.
/etc/pam.d/samba:
#%PAM-1.0
auth required pam_nologin.so
auth required pam_stack.so service=system-auth
account required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
#the following 2 lines get samba to bybass pam_cracklib -- especially
the dictionary checks
password required pam_pwdb.so shadow md5
password optional pam_smbpass.so nullok use_authtok try_first_pass
#password required pam_smbpass.so nodelay smbconf=/etc/samba/smb.conf
debug
/etc/pam.d/system-auth
#%PAM-1.0
auth required pam_env.so
auth sufficient pam_unix.so likeauth nullok
#auth sufficient pam_ldap.so use_first_pass
auth required pam_deny.so
account required pam_unix.so
#account sufficent pam_ldap.so
password requisite pam_cracklib.so retry=3 minlen=4
password requisite pam_unix.so shadow md5 use_authtok try_first_pass
password optional pam_smbpass.so nullok use_authtok try_first_pass
#password sufficient pam_ldap.so use_authtok
#password required pam_deny.so
session required pam_limits.so
session required pam_unix.so
#session optional pam_ldap.so
More information about the samba
mailing list