[Samba] samba authentication via pam_pwdfile

Charles Yost cyost at softwareauthority.com
Tue Sep 29 08:02:15 MDT 2009

On Sep 29, 2009, at 6:47 AM, Adam Tauno Williams wrote:

> Because it doesn't work;  at least not without hacking every Windows
> client.  [Does that even still work anymore?  I don't know,  it really
> is not a reasonable/maintainable thing to do].
> You need to either setup an LDAP DSA and use that for authentication  
> and
> have Samba use that too (as a DC).  Or setup Samba as a NT4 PDC and  
> use
> that for authentication.  PAM is, practically speaking, a lost cause  
> for
> Windows clients - for technical/implementation reasons it can't work
> well.

I apologize, I suppose I left some details out. I am not trying to  
setup a domain, or even share printers. All that I am looking to  
accomplish with my samba implementation is sharing a couple of  
directories on the server to a few independent windows machines. I  
don't need users to authenticate across a domain, just to be able to  
have access to the shares based on username restrictions. I can get  
this working just fine using the smbpasswd file, but I am trying to  
unify the passwords used for several services. I am sure it can be  
done because there is a whole chapter in the samba documentation on  
using PAM with winbind on a samba machine when you need to  
authenticate to an existing domain.

More information about the samba mailing list