[Samba] Authenticating against local PAM configuration

Volker Lendecke Volker.Lendecke at SerNet.DE
Sat Apr 16 01:04:33 MDT 2011

On Fri, Apr 15, 2011 at 02:38:45PM -0500, Madhusudan Singh wrote:
> As I mentioned earlier, easy or not, winbind has in the past not proven to
> be stable and easy or not, I want to avoid using it.
> The facts of the case are - I have a robust LDAP based authentication that
> is working.
> Can I just ask Samba to use the local PAM configuration (regardless of what
> it is) ? That way, if this windows environment changes authentication
> mechanisms again, I will have only thing to fix instead of the mess that ADS
> is (plus, I will need to ask our IT folks to come do a net ads join for us).

If you mean to use PAM for password checking, then
unfortunately it is not possible. The PAM API expects plain
text passwords from the application, something which Samba
does not have. Probably you just can't export CIFS from
Linux if PAM is your only option.

With best regards,

Volker Lendecke

SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen

More information about the samba mailing list