[Samba] su broken after ldap auth

Natxo Asenjo natxo.asenjo at gmail.com
Wed Jul 6 20:33:02 GMT 2005


Hi,

First of all, thanks to all the Samba team for your great work and
documentation. Well done!

I have followed the 'By Example' guide, and everything is working fine
except one thing. As indicated in chapter 5, point 14 of Configuration
of smbldap-tools, when I try:

# getent passwd | grep root

I have 2 results, both id 0

root:x:0:0:root:/root:/bin/bash
root:x:0:512:Netbios Domain Administrator:/root:/bin/bash

The problem arises when, as root, I try su-ing to another user. It
asks me for a password! Which is quite embarrassing if the account you
try to su to has none (like the account for the fetchmail daemon, for
instance).

This is all on Debian sarge, Samba 3.0.14a, OpenLDAP 2.2.23.8.

My /etc/pam.d/su is this:

#%PAM-1.0
auth       sufficient   /lib/security/pam_ldap.so
auth       requisite    pam_wheel.so group=wheel debug
auth       required     /lib/security/pam_unix_auth.so use_first_pass
account    sufficient   /lib/security/pam_ldap.so
account    required     /lib/security/pam_unix_acct.so
password   required     /lib/security/pam_ldap.so use_first_pass use_authtok
session    required     /lib/security/pam_unix_session.so

Thanks in advance,

N.Asenjo
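
An added example, not part of the original post and not Samba or smbldap-tools code: a small audit of the auth stack in the posted /etc/pam.d/su for pam_rootok.so, the stock Linux-PAM module that succeeds when the caller is root. The post does not name a cause; treating the absent module as relevant, and the WITH_ROOTOK variant, are assumptions.

```python
import os
import re

# The auth lines from the /etc/pam.d/su posted above.
POSTED = """\
#%PAM-1.0
auth       sufficient   /lib/security/pam_ldap.so
auth    requisite       pam_wheel.so group=wheel debug
auth       required     /lib/security/pam_unix_auth.so use_first_pass
"""

# Constructed variant (assumption, not from the post): pam_rootok.so first.
WITH_ROOTOK = POSTED.replace(
    "#%PAM-1.0\n", "#%PAM-1.0\nauth       sufficient   pam_rootok.so\n")

# facility, control (plain word or [bracketed]), module path, arguments
LINE = re.compile(r"^-?(\w+)\s+(\[[^\]]*\]|\S+)\s+(\S+)\s*(.*)$")


def parse_stack(text, facility="auth"):
    """Return [(control, module, args)] for one facility, in file order."""
    stack = []
    for raw in text.splitlines():
        m = LINE.match(raw.split("#", 1)[0].strip())  # drop comments
        if m and m.group(1) == facility:
            module = os.path.basename(m.group(3))
            stack.append((m.group(2), module, m.group(4).split()))
    return stack


def rootok_report(text):
    """Return (found, modules): found is True when pam_rootok.so can end the
    auth stack with success; modules are those that run before it (or the
    whole stack when it is absent)."""
    stack = parse_stack(text)
    for i, (control, module, _args) in enumerate(stack):
        ends_stack = control == "sufficient" or "success=done" in control
        if module == "pam_rootok.so" and ends_stack:
            return True, [m for _c, m, _a in stack[:i]]
    return False, [m for _c, m, _a in stack]


if __name__ == "__main__":
    for name, text in (("posted", POSTED), ("with pam_rootok", WITH_ROOTOK)):
        found, modules = rootok_report(text)
        print(f"{name}: pam_rootok.so short-circuit={found}, runs first={modules}")
```

Every module listed under "runs first" executes before root can be waved through, so a password-prompting module there means su will prompt even for root.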
