[Samba] Member server guide broken
Rowland Penny
rowlandpenny at googlemail.com
Wed Aug 20 10:58:25 MDT 2014
On 20/08/14 17:51, Marc Muehlfeld wrote:
> Am 15.08.2014 14:28, schrieb Ryan Ashley:
>> Again, I am using 4.1.11 and since I see 4.2 is stable,
> 4.2 isn't stable! It's still a development version!
> You should not use a development version in production.
>
>
>
>
>> Why does everybody here always assume the new guy is wromg?
> But you are, if you're saying that the default of '--with-pam default'
> is 'no'!
>
> Have you read my reply to one of your previous posts in this thread
> (Attached below again. Please read it. I spend some time to revalidate
> the HowTo for you!). There's the proof. :-)
>
>
>
>
>> https://wiki.samba.org/index.php/Build-time_configuration_options#--with-pam
> Have you seen, when this page was last time edited?
> 03:55, 17 March 2006
>
> It is much more than outdated! We should remove this page.
Why? if you take the time to read the line at the top, you will find why
he got it wrong ;-)
'This page documents the options that can be passed to the Samba3
configure script.'
Anybody else spot the obvious mistake the OP made ???
Rowland
>
>
>
>
>
>> Do I preally have to start putting videos on YouTube to prove this to
>> you people?
> I think it would be worth. Otherwise it seems we never find out what you
> are doing different than we're saying in the Member HowTo which works
> for all others here. Maybe something on your system is really different
> and this isn't mentioned there.
>
>
>
>
>
>
> -------- Original-Nachricht --------
> Betreff: Re: [Samba] Member server guide broken
> Datum: Fri, 15 Aug 2014 12:36:34 +0200
> Von: Marc Muehlfeld <mmuehlfeld at samba.org>
> An: admin at reachtechfp.com, samba at lists.samba.org
>
> Am 15.08.2014 05:26, schrieb Ryan Ashley:
>> The guide for PAM fails because, as can be seen on the build-time
>> parameters page, PAM IS NOT BUILT BY DEFAULT.
> Where did you read that?
>
> At least 'configure' tells me on 4.1.8, that _it is_ enabled by default:
>
> # ./configure --help | grep pam
> --with-pam
> Build with pam support (default=yes)
> --with-pam_smbpass
> Build with pam_smbpass support (default=yes)
>
>
>
>
>> Now, couple that with the
>> guide only showing "--with-ads" and "--with-shared-modules=idmap_ad",
>> and you do not get PAM. As soon as I figured out PAM wasn't being built
>> and I built it, I could login after making those changes to my PAM
>> files. So i will say it again, THE MEMBER SERVER GUIDE IS BROKEN. Now I
>> have the proof. Next time PLEASE try seeing something from the other
>> person's perspective BEFORE chewing them out.
>>
>> To summarize:
>> PAM modules are not built by default
> I revalidated the HowTo with 4.1.8 and I don't see any problem!
>
>
>
>
>
> I setup a new Member on RHEL 6.5, according to the HowTo:
>
> # ./configure --with-ads --with-shared-modules=idmap_ad
> # make
> # make install
>
>
> After that, smbd already shows, that it was build with PAM support:
> # smbd -b | grep WITH_PAM
> WITH_PAM
> WITH_PAM_MODULES
>
>
>
>
>
> Then I configured PAM manually (not via the Red Hat tools), like
> described in the HowTo
> (https://wiki.samba.org/index.php/Setup_a_Samba_AD_Member_Server#Setting_up_PAM_authentication),
> and ssh using a Domain user works without any problem
>
> # ssh demo at M1
> demo at m1's password:
> Last login: Fri Aug 15 12:22:45 2014 from m1.samdom.example.com
> [demo at M1 ~]$
>
>
>
>
>
> I don't see any problem with the HowTo.
>
>
> If you still think, there's something wrong, then please give more
> details than just saying, that "the guide is broken":
> - Samba version
> - All 'configure' parameters used
> - Link to the HowTo you followed
> - Output of 'smbd -b | grep WITH_PAM'
> - etc.
>
>
More information about the samba
mailing list