[Samba] PAM with Samba

Grady Neely gneely74 at gmail.com
Tue Mar 16 13:14:36 MDT 2010


I am trying to get my Samba installation to use PAM under Ubuntu.  I have created the /etc/pam.d/samba, but as far as I can tell samba is not using the directives in there.  I have ssh and netatalk using PAM successfully against a Kerberos ticket issuer, so I know my PAM installation is working for some services.   I am sure I have something wrong in my smb.conf as I am a bit of a newbie with samba when it comes to PAM.

My /etc/pam.d/samba file is a clone of my netatalk PAM file, because my netatalk shares are working just fine.

Here is my [global] section from  smb.conf:

	log file = /var/log/samba/log.%m
	passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
	obey pam restrictions = yes
	map to guest = bad user
	# encrypt passwords = true
	passwd program = /usr/bin/passwd %u
	passdb backend = tdbsam
	dns proxy = no
	server string = %h server
	winbind enum users = yes
	winbind enum groups = Yes
   	winbind use default domain = Yes
   	winbind nested groups = Yes
   	winbind separator = +
   	idmap uid = 2000-20000
   	idmap gid = 2000-20000
	unix password sync = yes
	workgroup = [redacted]
	os level = 20
	syslog = 3
	realm = [redacted]
	security = ads
	panic action = /usr/share/samba/panic-action %d
	usershare allow guests = yes
	max log size = 1000
	pam password change = yes
	preferred master = no

More information about the samba mailing list