[Samba] Member server guide broken
L.P.H. van Belle
belle at bazuin.nl
Wed Aug 20 04:00:49 MDT 2014
hmm samba member guide broken? I think not.
All my script are someway a copy of the wiki instructions.
and besides...
You have a few options to install Samba:
Build Samba by yourself. ... you needed to configure by yourself.
or you need to check your OS Build specs..
like this..
Ubuntu 14.04 samba 4.0.6 version
smbd -b | grep PAM
HAVE_SECURITY_PAM_APPL_H
HAVE_SECURITY_PAM_EXT_H
HAVE_SECURITY_PAM_MODULES_H
HAVE_SECURITY__PAM_MACROS_H
HAVE_LIBPAM
HAVE_PAM_GET_DATA
HAVE_PAM_RADIO_TYPE
HAVE_PAM_RHOST
HAVE_PAM_START
HAVE_PAM_TTY
HAVE_PAM_VSYSLOG
WITH_PAM
WITH_PAM_MODULES
debian wheezy with sernet-samba 4.1.11
smbd -b | grep PAM
HAVE_SECURITY_PAM_APPL_H
HAVE_SECURITY_PAM_EXT_H
HAVE_SECURITY_PAM_MODULES_H
HAVE_SECURITY__PAM_MACROS_H
HAVE_LIBPAM
HAVE_PAM_GET_DATA
HAVE_PAM_RADIO_TYPE
HAVE_PAM_RHOST
HAVE_PAM_START
HAVE_PAM_TTY
HAVE_PAM_VSYSLOG
WITH_PAM
WITH_PAM_MODULES
Debian wheezy with samba 4.0.9 from backports
smbd -b | grep PAM
HAVE_SECURITY_PAM_APPL_H
HAVE_SECURITY_PAM_EXT_H
HAVE_SECURITY_PAM_MODULES_H
HAVE_SECURITY__PAM_MACROS_H
HAVE_LIBPAM
HAVE_PAM_GET_DATA
HAVE_PAM_RADIO_TYPE
HAVE_PAM_RHOST
HAVE_PAM_START
HAVE_PAM_TTY
HAVE_PAM_VSYSLOG
WITH_PAM
WITH_PAM_MODULES
all with PAM enabled ...
so maybe something went wrong with your configure.
Greetz,
Louis
>-----Oorspronkelijk bericht-----
>Van: ryana at reachtechfp.com
>[mailto:samba-bounces at lists.samba.org] Namens Ryan Ashley
>Verzonden: vrijdag 15 augustus 2014 14:29
>Aan: samba at lists.samba.org
>Onderwerp: Re: [Samba] Member server guide broken
>
>Again, I am using 4.1.11 and since I see 4.2 is stable, I may
>switch and see if it helps. Here is the proof you requested.
>Why does everybody here always assume the new guy is wromg?
>Seriously, adding that parameter fixed the PAM login issue! Do
>I preally have to start putting videos on YouTube to prove
>this to you people?
>
>
>https://wiki.samba.org/index.php/Build-time_configuration_optio
>ns#--with-pam
>
>Sent from my Verizon Wireless 4G LTE smartphone
>
><div>-------- Original message --------</div><div>From: Marc
>Muehlfeld <mmuehlfeld at samba.org> </div><div>Date:2014/08/15
>06:36 (GMT-05:00) </div><div>To:
>admin at reachtechfp.com,samba at lists.samba.org
></div><div>Subject: Re: [Samba] Member server guide broken </div><div>
></div>Am 15.08.2014 05:26, schrieb Ryan Ashley:
>> The guide for PAM fails because, as can be seen on the build-time
>> parameters page, PAM IS NOT BUILT BY DEFAULT.
>
>Where did you read that?
>
>At least 'configure' tells me on 4.1.8, that _it is_ enabled
>by default:
>
># ./configure --help | grep pam
> --with-pam
> Build with pam support (default=yes)
> --with-pam_smbpass
> Build with pam_smbpass support (default=yes)
>
>
>
>
>> Now, couple that with the
>> guide only showing "--with-ads" and "--with-shared-modules=idmap_ad",
>> and you do not get PAM. As soon as I figured out PAM wasn't
>being built
>> and I built it, I could login after making those changes to my PAM
>> files. So i will say it again, THE MEMBER SERVER GUIDE IS
>BROKEN. Now I
>> have the proof. Next time PLEASE try seeing something from the other
>> person's perspective BEFORE chewing them out.
>>
>> To summarize:
>> PAM modules are not built by default
>
>I revalidated the HowTo with 4.1.8 and I don't see any problem!
>
>
>
>
>
>I setup a new Member on RHEL 6.5, according to the HowTo:
>
># ./configure --with-ads --with-shared-modules=idmap_ad
># make
># make install
>
>
>After that, smbd already shows, that it was build with PAM support:
># smbd -b | grep WITH_PAM
> WITH_PAM
> WITH_PAM_MODULES
>
>
>
>
>
>Then I configured PAM manually (not via the Red Hat tools), like
>described in the HowTo
>(https://wiki.samba.org/index.php/Setup_a_Samba_AD_Member_Serve
>r#Setting_up_PAM_authentication),
>and ssh using a Domain user works without any problem
>
># ssh demo at M1
>demo at m1's password:
>Last login: Fri Aug 15 12:22:45 2014 from m1.samdom.example.com
>[demo at M1 ~]$
>
>
>
>
>
>I don't see any problem with the HowTo.
>
>
>If you still think, there's something wrong, then please give more
>details than just saying, that "the guide is broken":
>- Samba version
>- All 'configure' parameters used
>- Link to the HowTo you followed
>- Output of 'smbd -b | grep WITH_PAM'
>- etc.
>
>
>
>Regards,
>Marc
>--
>To unsubscribe from this list go to the following URL and read the
>instructions: https://lists.samba.org/mailman/options/samba
>--
>To unsubscribe from this list go to the following URL and read the
>instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list