[Samba] Unix to SMB Password Sync using PAM
Andrew Bartlett
abartlet at samba.org
Sat Apr 9 22:32:33 GMT 2005
On Sun, 2005-04-10 at 00:14 +0200, Schlomo Schapiro wrote:
> Hi,
>
> I used this module sucessfully, but in the auth part, not passwd. That way
> the Samba password is set on each login.
>
> I noticed however, that it is set only if there is no existing password.
> The source shows that this is intended, but can be easily amended with
> your favourite C compiler ...
>
> Apparantly the pam_smbpasswd module is primarily intended for migration
> scenarios where people want to move from unix passwords to Samba
> passwords. In general, if all your unix users hava a Samba password, there
> is no reason to keep both passwords anyway, just use the Samba password
> also for Unix access, e.g. with pam_smb
I strongly recommend against use of pam_smb. Where you need to
authenticate against a Samba password database, look into pam_winbindd,
or things like the modification to Heimdal described here:
https://sec.miljovern.no/bin/view/Info/HeimdalKerberosSambaAndOpenLdap
This last option allows you to then use a very standard pam_krb5 on your
unix workstations.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20050410/60c367c1/attachment.bin
More information about the samba
mailing list