[Samba] ldap/pam authentication

Jeroen van Aart kroshka at atypon.com
Fri Jul 13 19:57:39 GMT 2007


I was wondering if there is an easy way to authenticate users through 
ldap, or pam (which uses ldap). In our current setup samba uses tdbsam. 
I would like users to be authenticated to our existing ldap server 
(slapd on debian etch). So that if the user has been authenticated 
successfully (s)he can access the directories as configured in smb.conf 
(/home/username, /public etc.) with the file and group permissions the 
person has when for example using a shell.

Using ldapsam with an existing ldap setup is quite a pain and I'd rather 
  avoid it (I have tried but yet did not succeed). I tried using pam, 
which did work, but only for plaintext passwords. Windows by default 
doesn't allow plaintext, so this would lock nout windows users unless 
windows is changed to use plaintext.

There are many systems which can use ldap for authentication by just 
providing a server and distinguished name (dc=...) and such. I was 
hoping samba would be able to do just that, leaving out any other fancy 

Thank you,

More information about the samba mailing list