[Samba] winbind without localuser account
Paul Matthews
paul.matthews at cathedral.qld.edu.au
Thu Jan 12 01:48:14 GMT 2006
[root at fedora pam.d]# wbinfo -g
builtin\system operators
builtin\replicators
builtin\guests
builtin\power users
builtin\print operators
builtin\administrators
builtin\account operators
builtin\backup operators
builtin\users
domain guests
domain users
domain computers
etc..., etc...
i'm running fedora core 3
i've never used 'getent' before what do i do there?
but i have a local account called 'pma' with the password 'unix' set locally
and the password 'ads' set on active directory, i can set my pam module so i
can login with the username 'pma and password 'ads'. so i think my winbind
is working fine.
ps: i tried that pam module below, same thing happened i can login with my
ads password, but i need a local account without a local account it wont let
me.
i'm using squirriel mail and '/etc/pam.d/dovecot' to test it out.
-----Original Message-----
From: Geoffrey Scott [mailto:geoffs at guestshire.com]
Sent: Thursday, 12 January 2006 11:38
To: paul.matthews at cathedral.qld.edu.au; samba at lists.samba.org
Subject: RE: [Samba] winbind without localuser account
Paul Matthews wrote:
> hi there,
>
> i'm trying to get my winbind working without having a local account
> on the machine, but it's just not working for me
>
> can someone show me an example of a pam module that requires only a
> Active directory password.(i'm working with /etc/pam.d/dovecot)
>
> i can use my AD password as long as i have a local account, but i
> don't want to have a local account.
For samba on debian this works:
auth sufficient pam_winbind.so
auth required pam_unix.so nullok
account sufficient pam_winbind.so
account required pam_unix.so
session required pam_unix.so
password required pam_unix.so
Also what do the getent & wbinfo tests show? Do they work?
Regards Geoff Scott
More information about the samba
mailing list