[Samba] Authenticating against local PAM configuration
Madhusudan Singh
singh.madhusudan at gmail.com
Fri Apr 15 13:38:45 MDT 2011
As I mentioned earlier, easy or not, winbind has in the past not proven to
be stable and easy or not, I want to avoid using it.
The facts of the case are - I have a robust LDAP based authentication that
is working.
Can I just ask Samba to use the local PAM configuration (regardless of what
it is) ? That way, if this windows environment changes authentication
mechanisms again, I will have only thing to fix instead of the mess that ADS
is (plus, I will need to ask our IT folks to come do a net ads join for us).
On Fri, Apr 15, 2011 at 1:04 AM, Daniel Müller <mueller at tropenklinik.de>wrote:
> Integrating suse with ads is quiet easy?!
> Did you think about that:
>
> http://www.roboguys.com/index.php?option=com_content&task=view&id=78&Itemid=
> 47 (Integrating suse with MADS)!?
> Is not new but in meanwhile it is much easier and it is done by yast.
>
> Good Luck
> Daniel
>
> -----------------------------------------------
> EDV Daniel Müller
>
> Leitung EDV
> Tropenklinik Paul-Lechler-Krankenhaus
> Paul-Lechler-Str. 24
> 72076 Tübingen
>
> Tel.: 07071/206-463, Fax: 07071/206-499
> eMail: mueller at tropenklinik.de
> Internet: www.tropenklinik.de
> -----------------------------------------------
> -----Ursprüngliche Nachricht-----
> Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org]
> Im
> Auftrag von Madhusudan Singh
> Gesendet: Donnerstag, 14. April 2011 19:17
> An: samba at lists.samba.org
> Betreff: Re: [Samba] Authenticating against local PAM configuration
>
> I forgot to mention that using winbind is not an option. Our previous
> attempt to use winbind worked for a few months and then broke spectacularly
> after the organization made some changes to their ADS.
>
> It has to be just local pam, the way it is.
>
> On Thu, Apr 14, 2011 at 12:14 PM, Madhusudan Singh <
> singh.madhusudan at gmail.com> wrote:
>
> > Hello
> >
> > I have a (OpenSuSE 11.2) linux server that uses our organization LDAP to
> > authenticate users.
> >
> > ssh logins work fine.
> >
> > I have installed a samba server on this server machine and wish to use
> the
> > same authentication mechanism for Samba clients.
> >
> > I do not have any access to the LDAP server (it runs on windows, I think)
> > and it is against our organization's IT policy to allow saving the LDAP
> > admin password on client machines.
> >
> > I have plenty of Howtos about integrating samba with Open LDAP, but they
> > all require saving the admin password in smbpasswd. Not an option at all
> > here.
> >
> > Our IT people installed some kind of a binary module on the linux machine
> > to allow it to authenticate ssh users but that is the extent to which
> they
> > are willing to go.
> >
> > Can I somehow ask samba to forward all authentications to the server pam
> > configuration (without explicitly specifying the passdb backend) ? That
> > method will most likely work for us because the pam authentication
> mechanism
> > works perfectly.
> >
> > Thanks.
> >
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list