[Samba] Samba Authentication of Local Linux Users
Gordon Messmer
yinyang at eburg.com
Fri Feb 24 21:56:30 GMT 2006
Michael Thrift wrote:
> I am not authenticating domain
> users, or windows users, and I don't want to use smbpasswd. Is there
> some way to force samba to authenticate against pam, and only pam? My
> goal is to not add an administrative load whatsoever.
The last goal is not one you can achieve.
If you want to authenticate against PAM, you have to set "encrypt
passwords = no". Note, however, that the man page says:
The use of plain text passwords is NOT advised as support
for this feature is no longer maintained in Microsoft Win-
dows products. If you want to use plain text passwords you
must set this parameter to no.
Now, if you choose to set that option, you have to modify all of your
clients, by importing the appropriate "PlainPassword.reg" file from the
samba distribution.
So, basically, you have a choice between modifying how you manage and
change passwords, so that you can support a secure login method for SMB,
or changing the configuration of all of your windows clients
considerably degrading security.
More information about the samba
mailing list