[Samba] Samba+MySQL+Apache Authentication = possible?
(C)ollen
collen at zeist.hermanjordan.nl
Tue Aug 30 14:33:48 GMT 2005
Where can 'mod_ntlm_winbind' be found ???
Greetz
Collen
Andrew Bartlett wrote:
> On Mon, 2005-08-29 at 08:56 +0200, (C)ollen wrote:
>
>>Hmm, must be do-able,
>>
>>there are several modules for apache available.
>>mod_ntlm for example.. lets you authenticate against a PDC (pref. samba)
>>nomather what backend you use.
>
>
> I strongly recommend against the use of mod_ntlm (and likewise pam_smb),
> due to the age of the codebase involved. For NTLM authentication,
> mod_ntlm_winbind is available, and hooks into ntlm_auth, but doesn't do
> basic auth (and needs an apache2 version written).
>
> Also, while we are looking to improve the situation, there are currently
> issues with maintaining the experimental MySQL module for Samba. My
> suggestion is to use LDAP where possible.
>
>
>>there are also some PAM modules around, so you can setup apache to use
>>PAM for authentication, and then you let PAM use the PDC.
>
>
> My preferred option is Samba on LDAP, with Heimdal 0.7 KDC backed onto
> the LDAP database. I then use mod_auth_kerb for my apache servers.
>
>
>>just google around...
>>
>>Greetz
>>
>>Collen (MLHJ)
>>
>>Martin Lefebvre wrote:
>>
>>>Good evening,
>>>
>>>I don't know if this is the right place to ask... but I gotta start
>>>somewhere..
>>>
>>>I have Samba setup as a PDC for my domain using the MySQL passdb backend for
>>>authentication. I would also like to use other components such as
>>>mod_auth_mysql for apache authentication.
>>>
>>>Is there a way that it can use one of the 2 password fields from the samba
>>>MySQL table (nt_pw or lm_pw) in order to do the authentication through the
>>>web server?
>>>
>>>With mod_auth_mysql, I can set several encryption methods, such as md5, or
>>>des, etc. The passwords in the samba MySQL table seem to be encrypted with
>>>md5 (I'm saying that just because they're all 32 characters long)
>
>
> No, the NT password is MD4(unicode(password)) and a the LM password is
> DES(ASCII(PASSWORD))
>
> Andrew Bartlett
>
More information about the samba
mailing list