[Samba] Authenticating against local PAM configuration

Madhusudan Singh singh.madhusudan at gmail.com
Thu Apr 14 11:16:37 MDT 2011

I forgot to mention that using winbind is not an option. Our previous
attempt to use winbind worked for a few months and then broke spectacularly
after the organization made some changes to their ADS.

It has to be just local pam, the way it is.

On Thu, Apr 14, 2011 at 12:14 PM, Madhusudan Singh <
singh.madhusudan at gmail.com> wrote:

> Hello
> I have a (OpenSuSE 11.2) linux server that uses our organization LDAP to
> authenticate users.
> ssh logins work fine.
> I have installed a samba server on this server machine and wish to use the
> same authentication mechanism for Samba clients.
> I do not have any access to the LDAP server (it runs on windows, I think)
> and it is against our organization's IT policy to allow saving the LDAP
> admin password on client machines.
> I have plenty of Howtos about integrating samba with Open LDAP, but they
> all require saving the admin password in smbpasswd. Not an option at all
> here.
> Our IT people installed some kind of a binary module on the linux machine
> to allow it to authenticate ssh users but that is the extent to which they
> are willing to go.
> Can I somehow ask samba to forward all authentications to the server pam
> configuration (without explicitly specifying the passdb backend) ? That
> method will most likely work for us because the pam authentication mechanism
> works perfectly.
> Thanks.

More information about the samba mailing list