[Samba] Fw: Convert Unix users to Samba users
Andrew Bartlett
abartlet at samba.org
Tue Jan 17 20:57:46 MST 2012
On Thu, 2011-12-29 at 12:28 -0500, Ryan Novosielski wrote:
> We used the pam_smbpasswd module, which does not work for either TDBSAM
> or LDAPSAM I don't think.
pam_smbpass should, it just runs our passdb modules like any other part
of Samba.
> It's OK if you want to maintain an smbpasswd
> file, but I think you really don't for more than X number of users and
> I'm not sure how well it works with Active Directory (this was back
> before AD was big that we were using Samba).
pam_smbpass isn't a way to connect with AD, use pam_winbindd against the
AD domain in this case.
> The way that that worked was to take advantage of other password
> manipulation people had done (eg. authenticate successfully using
> anything) and that that time the PAM module would get the unencrypted
> password and write it using the proper hash for the new Samba auth
> method. That is a pretty slick idea and if it does not exist for LDAP or
> TDBSAM, I do wonder why not.
This migration should still be avilable, but the slow process of waiting
for correct passwords may or may not work in your environment.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
More information about the samba
mailing list