[Samba] pam ftp login format?

David Shapiro David.Shapiro at bcbsnc.com
Thu Feb 9 16:02:10 GMT 2006


Still hoping for some help here.  If my pam setup is correct (not sure
if it is), when I run ftp to connect, do I put my login as
DOMAIN/mylogin, or do I use DOMAIN+mylogin (my separator is + in
smb.conf), or do I do mylogin.  Please see my question sent earlier on
pam setup:
 
Is it enough to get samba to work to do the following:
 
Add in /etc/security/user on the default SYSTEM line:
 
SYSTEM = compat OR WINBIND                       # OR or AND?
 
Add in /usr/lib/security/methods.cfg:
 
PAM:
         program = /usr/lib/security/PAM
 
WINBIND:
        program = /usr/lib/security/WINBIND
        options = authonly
*        options = auth=PAM,db=BUILTIN                                 
   (do we need this line? If so, is BUILTIN always what you need if you
use ads/tdb?)  How do we know what to use? 
 
pam.conf:
 
# Authentication Management
sshd    auth            required        /usr/lib/security/pam_aix
ftpd    auth            required       
/usr/lib/security/pam_winbind.so debug unknown_ok DOMAIN               
# are these lines correct if I am trying to use pam for ftp (testing)
OTHER   auth            required        /usr/lib/security/pam_aix
 
# Account management
sshd    account         required        /usr/lib/security/pam_aix
ftpd    account         required        /usr/lib/security/pam_aix.so
debug
OTHER   account         required        /usr/lib/security/pam_aix
 
# Password management
sshd    password        required        /usr/lib/security/pam_aix
ftpd    password        required        /usr/lib/security/pam_aix.so
debug use_first_pass
OTHER   password        required        /usr/lib/security/pam_aix
 
# Session management
sshd    session         required        /usr/lib/security/pam_aix
ftpd    session         required        /usr/lib/security/pam_aix.so
debug
OTHER   session         required        /usr/lib/security/pam_aix

Where is the logging information so I can see what is going on?  It is
not in messages.
 
 
 
David Shapiro
Unix Team Lead
919-765-2011



More information about the samba mailing list