[Samba] Member server guide broken

Marc Muehlfeld mmuehlfeld at samba.org
Fri Aug 15 04:36:34 MDT 2014

Am 15.08.2014 05:26, schrieb Ryan Ashley:
> The guide for PAM fails because, as can be seen on the build-time
> parameters page, PAM IS NOT BUILT BY DEFAULT.

Where did you read that?

At least 'configure' tells me on 4.1.8, that _it is_ enabled by default:

# ./configure --help | grep pam
            Build with pam support (default=yes)
            Build with pam_smbpass support (default=yes)

> Now, couple that with the
> guide only showing "--with-ads" and "--with-shared-modules=idmap_ad",
> and you do not get PAM. As soon as I figured out PAM wasn't being built
> and I built it, I could login after making those changes to my PAM
> files. So i will say it again, THE MEMBER SERVER GUIDE IS BROKEN. Now I
> have the proof. Next time PLEASE try seeing something from the other
> person's perspective BEFORE chewing them out.
> To summarize:
> PAM modules are not built by default

I revalidated the HowTo with 4.1.8 and I don't see any problem!

I setup a new Member on RHEL 6.5, according to the HowTo:

# ./configure --with-ads --with-shared-modules=idmap_ad
# make
# make install

After that, smbd already shows, that it was build with PAM support:
# smbd -b | grep WITH_PAM

Then I configured PAM manually (not via the Red Hat tools), like
described in the HowTo
and ssh using a Domain user works without any problem

# ssh demo at M1
demo at m1's password:
Last login: Fri Aug 15 12:22:45 2014 from m1.samdom.example.com
[demo at M1 ~]$

I don't see any problem with the HowTo.

If you still think, there's something wrong, then please give more
details than just saying, that "the guide is broken":
- Samba version
- All 'configure' parameters used
- Link to the HowTo you followed
- Output of 'smbd -b | grep WITH_PAM'
- etc.


More information about the samba mailing list