[Samba] Minimum requirements for pam.d/samba file for AD member

Mark mrote at hotmail.com
Sat Feb 17 16:54:53 GMT 2007

We've been using samba on a small scale in my group using tdbsam but I 
got the go ahead to setup a Samba member server as part of our AD domain 
for our Desktop Support group for desktop image archiving and software 

Running Fedora Core 6 with the latest Samba rpms from samba.org I have 
successfully joined the AD domain in our test environment.   kinit works 
for all domain users that I've setup. wbinfo -g and -u returns the 
groups and users from the domain. getent group/passwd also returns the 
groups and users.

After researching various article and howtos, I've noticed that there 
are many different things that people have put in the /etc/pam.d/samba 
file. Before I get into this much more, I was wondering what the minumum 
requirements or best practices are for the contents of this file. At 
this time, I don't plan on using AD authentication for anything other 
than file share access.

Basically, I'd like to have local group(s) on the Samba server and be 
able to add domain groups from Windows 2K3 AD to this local group to 
provide access to shares.


More information about the samba mailing list