[Samba] Re: samba 3.0.4 on SLES8: password sync will not work...(decode_pw_buffer: incorrect password length)

Gerald Drouillard GerryList at Drouillard.ca
Tue May 18 11:01:07 GMT 2004


RRuegner wrote:

> Hi Cris again, youre right in this setup i use
> smbpasswd backend with  samba 3.0.4 , cause i also patched the pptpd to 
> look at it,
> but i didnt noticed any problem using smbpasswd instead
> of tdb ( but for sure it is not recomended any more )
> I use this for a small network, but everything works which is from need 
> for a pdc.
> In other networks i use ldap, cause of using bdc and advanced features
> I think the use of the smb passwd backends (tdb, ldap etc ) has to fit 
> to your needs, and what you prefer, in this case pam and smbpasswd gives 
> me help
> in being compatibel to older stuff which i wanna use ,too.
I was just playing with PAM last night to allow user to change their 
passwords.
/etc/pam.d/samba:

#%PAM-1.0
auth       required	pam_nologin.so
auth       required	pam_stack.so service=system-auth
account    required	pam_stack.so service=system-auth
session    required	pam_stack.so service=system-auth
#the following 2 lines get samba to bybass pam_cracklib -- especially 
the dictionary checks
password   required     pam_pwdb.so shadow md5
password   optional    pam_smbpass.so nullok use_authtok try_first_pass
#password   required 	pam_smbpass.so nodelay smbconf=/etc/samba/smb.conf 
debug


/etc/pam.d/system-auth
#%PAM-1.0

auth        required      pam_env.so
auth        sufficient    pam_unix.so likeauth nullok
#auth	sufficient	pam_ldap.so use_first_pass
auth        required      pam_deny.so
account     required      pam_unix.so
#account	sufficent	pam_ldap.so
password   requisite   pam_cracklib.so retry=3 minlen=4
password   requisite   pam_unix.so shadow md5 use_authtok try_first_pass
password   optional    pam_smbpass.so nullok use_authtok try_first_pass
#password	sufficient	pam_ldap.so use_authtok
#password    required      pam_deny.so
session     required      pam_limits.so
session     required      pam_unix.so
#session	optional	pam_ldap.so



More information about the samba mailing list