[Samba] Differences between Samba-related PAM modules
Martin Orr
samba at martinorr.name
Fri Jan 7 14:29:48 GMT 2005
Several different PAM modules relating to Samba exist. The ones I could
find were as follows:
pam_smb
http://www.csn.ul.ie/~airlied/pam_smb/
Authenticates against an NT domain controller, without joining the domain.
(Doesn't work with Active Directory.)
pam_ntdom
http://www.cb1.com/~lkcl/pam-ntdom/
Based on the above, authenticates against an NT domain. Requires the client
to be added to the domain using Server Manager. No longer maintained,
superseded by winbind.
pam_smbpass
part of the official Samba distribution
Authenticates against the local smbpasswd database (and not a domain at all).
winbind
part of the official Samba distribution
Authenticates against an NT or Active Directory domain. The client must
join the domain using the Samba "net join" command (or by adding them using
Server Manager). Also includes an NSS library to provide account
information.
Is the above a reasonable description of the different modules?
I have a set of Linux workstations I would like to authenticate against an
NT4 domain to which I do not have admin access, so so far as I can see
pam_smb is the only option. Alternatively, does anyone know if it is
possible to create an NT account whose only ability is to create machine
accounts, which I could probably convince the NT domain admin to do for me?
--
Martin Orr
Linux Administrator,
Methodist College Belfast
More information about the samba
mailing list