[Samba] "LDAP only" authentication without NSS/PAM - possible?

Andrew Bartlett abartlet at samba.org
Mon Jan 30 21:30:22 GMT 2006

On Fri, 2006-01-27 at 09:22 +0100, Tomasz Chmielewski wrote:
> Is it possible to configure Samba so that it could authenticate users 
> from the LDAP server *only* (i.e., operating system doesn't see the 
> users from LDAP).
> I'm working on an embedded Samba domain controller, it is based on Linux 
> / busybox / uClibc (and Samba with OpenLDAP).
> The system doesn't use glibc, but it's smaller brother uClibc, and it 
> doesn't have anything like PAM or NSS.
> Because of this, Samba can fetch the users from LDAP, but can't verify 
> that these users exist as system users - and refuses to logon with 
> Is there a way I can use Samba + LDAP without seeing LDAP users as 
> system users?

Not in Samba3.  Samba4 may have more options in this space, with our
embedded LDAP server, but the current development code also relies on
system users, for things like downloading profiles.

Andrew Bartlett

Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Student Network Administrator, Hawker College  http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20060131/6c86392d/attachment.bin

More information about the samba mailing list