[Samba] Winbind/ads/pam auth
Stefanos Karasavvidis
sk at isc.tuc.gr
Fri May 20 13:46:06 GMT 2005
you can setup your samba configuration to have a default Domain so the
usernames as the linux machine sees them, will have only the username
part (without the Domain) and you can work as expected.
Simply put
winbind use default domain = yes
in your smb.conf
There is a catch though. You can't have users with the same username
under different domains
sk
Ross McInnes wrote:
> Hi list
>
> Got an odd "problem" here.
>
> But, ive followed the howtos etc getting pam authentication to work etc
>
> Ive just setup imap, the domain username is "test"
>
> When I run getent passwd im returned with
>
> DEV-DOMAIN+test:x:10012:10023:test test:/home/DEV-DOMAIN/test:/bin/false
>
> When I logon onto the windows 2k3 AD as test, it all logs on, sees the Home
> drive on the samba server (authenticates etc) but when I setup imap it wont
> let me logon.
>
> dev1 imapd[11078]: Login failed user=test auth=test host=[172.16.2.252]
> dev1 imapd[11079]: Login failed user=test auth=test host=[172.16.2.252]
> dev1 imapd[11083]: Login failed user=test auth=test host=[172.16.2.252]
>
> But when I change the user name on the mail client to what getent password
> sees (i.e DEV-DOMAIN+test)
>
> dev1 pam_winbind[11077]: user 'DEV-DOMAIN+test' granted access
> dev1 imapd[11077]: Login user=DEV-DOMAIN+test host=[172.16.2.252]
>
> It works!
>
> Why wont it accept just "test" since I cannot expect my users to put in
> AD+username
>
> Any thoughts/ideas/magical faq page ive over looked??
>
> Cheers
>
> Ross
>
--
======================================================================
Stefanos Karasavvidis
Electronic & Computer Engineer, M.Eng.
e-mail : sk at isc.tuc.gr
Technical University of Crete, Campus
Information Systems Center
Address: Akrotiri, Chania, 73100
Tel.: (+30) 28210 37352, 37355 (central), 37766 (ENV.ENG. buildings)
Fax: (+30) 28210 37571
More information about the samba
mailing list