[Samba] Unix to SMB Password Sync using PAM

Schlomo Schapiro samba at schlomo.schapiro.org
Sat Apr 9 22:14:45 GMT 2005


I used this module sucessfully, but in the auth part, not passwd. That way 
the Samba password is set on each login.

I noticed however, that it is set only if there is no existing password. 
The source shows that this is intended, but can be easily amended with 
your favourite C compiler ...

Apparantly the pam_smbpasswd module is primarily intended for migration 
scenarios where people want to move from unix passwords to Samba 
passwords. In general, if all your unix users hava a Samba password, there 
is no reason to keep both passwords anyway, just use the Samba password 
also for Unix access, e.g. with pam_smb


On Thu, 7 Apr 2005, Charles McLaughlin wrote:

> Hello,
> I would like to configure PAM to sync Unix passwords to Samba passwords.  When
> I add a new Unix user or change an existing Unix user's password, I want the
> same password to be stored in /etc/smbpasswd.
> I'm trying to follow these instructions:
> http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/pam.html#id2606200
> It sounds like this is what I want to do:
>  "A sample PAM configuration that shows the use of pam_smbpass to make sure
> private/smbpasswd is kept in sync when /etc/passwd (/etc/shadow) is changed."
> I created the file /etc/pam.d/passwd-sync and pasted the following:
> # %PAM-1.0
> #  password-sync
> # 
> auth       requisite    pam_nologin.so
> auth       required     pam_unix.so
> account    required     pam_unix.so
> password   requisite    pam_cracklib.so retry=3
> password   requisite    pam_unix.so shadow md5 use_authtok try_first_pass
> password   required     pam_smbpass.so nullok use_authtok try_first_pass
> session    required     pam_unix.s
> Then I rebooted and changed my Unix password using "passwd", but that didn't
> change my smbpassd.  I checked to make sure I have all of the needed PAM
> modules, but other than that I don't know what to look for. Am I missing
> something?  Any ideas?
> Thanks in advance.
> Charles


More information about the samba mailing list