[Samba] Disable Pam checking for Samba4 Standalone role server with samdb_dbds as passdb backend !

Tue Jun 17 04:32:39 MDT 2014

Ok. Thank.
Are all seetings empty ? Have I got it correctly ?
Will test.

2014-06-17 13:26 GMT+04:00 L.P.H. van Belle <belle at bazuin.nl>:

>
> question : "is there any way to access to Samba4 shares without engaging
> of OS pam (using Samba4 only) and without Samba4 AD DC mode (in which all
> worked for me without pam using) ..."
> answhere : yes.
>
> Wel without going in detail and providing proof for the solution then.
>
> [Global. ]
>
> security =
> guest ok =
> map to guest =
>
> [share]
> guest ok =
> guest only =
>
> no user needed on domain/server or pc.
>
> Good luck.
>
>
> Greetz,
>
> Louis
>
>
> >-----Oorspronkelijk bericht-----
> >Van: cpservicespb at gmail.com
> >[mailto:samba-bounces at lists.samba.org] Namens CpServiceSPb .
> >Verzonden: maandag 16 juni 2014 20:57
> >Aan: Greg Sloop
> >CC: samba at lists.samba.org
> >Onderwerp: Re: [Samba] Disable Pam checking for Samba4
> >Standalone role server with samdb_dbds as passdb backend !
> >
> >A little bit off-topic.
> >I don' t have wishing to irritate anyone.
> >And thanks for all who wants and have/had plans to help me.
> >But I don' t like when question/phrase/answer is called stupid
> >without any
> >reason and rights for it.
> >Moreover without providing any proofing.
> >I think here is showing of bad manner and it doesn' t matter
> >whether you
> >are guru or not, you know a lot or not yet and so on. More over when
> >somebody's assumptions differs from other one.
> >I think there is place for showing of respection for each
> >other. And best
> >people, in my oppinion doesn' t have to behaviour way mentioned above.
> >
> >I have still some spaces in my understanding of
> >interoperatability between
> >Samba4 and Pam.
> >I will read as Wiki as other sources. But regarding *specific*
> >question:
> >the question is still (for me) is there any way to access to
> >Samba4 shares
> >without engaging of OS pam (using Samba4 only) and without Samba4 AD DC
> >mode (in which all worked for me without pam using) .
> >If somebody has solution differs from Winbindd and nssswitch, please,
> >provide (or links to it) of course, if somebody has and wants to do so.
> >Anyway, I will discover this situation in my own and after will choose
> >available and suitable for me solution.
> >
> >
> >
> >2014-06-16 21:46 GMT+04:00 Gregory Sloop <gregs at sloop.net>:
> >
> >>  Top posting.
> >>
> >> You can argue all you want with Roland - but frankly he's
> >some of the very
> >> best help available. [And it's clear you're already
> >irritating him quite a
> >> bit, and probably, by association, many others who might contemplate
> >> helping you.]
> >>
> >> I've not used Winbind or sssd to handle a situation like you
> >want to do,
> >> but lots of people HAVE done so successfully. So, claiming
> >Rowland is just
> >> puffing up his "opinion" isn't likely to improve your case.
> >>
> >> Go back and review some of the list threads - there are many
> >on Winbind
> >> and sssd. Read the wiki. Then, if you have some *specific* technical
> >> question you can't solve, then ask it. But pissing on the
> >best people here
> >> isn't going to endear you to anyone who is likely to be able to help.
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >> *C> I will look at wiki look further and further. C> But if ou have
> >> useful, really useful link, please send or post. C> I talk
> >about info where
> >> interoperation between Samba4 and OS local security C> subsystem is
> >> described. >>Because your users are storing information on
> >the underlying
> >> OS, if the >>underlying OS doesn't know the user, it will
> >not store the
> >> information >>or allow connection to it. C> Again, when I add user to
> >> Samba4, he/she is stored in Samba4 only. Do you C> agree
> >with the statement
> >> ? >>I fully understand the question, you seem to be unable
> >to understand
> >> the C> answers, or are unwilling to do so. C> I understand
> >your phrases.
> >> But you didn' t provide any proofs/links. C> You can even be
> >partly or
> >> fully right, but without any proofs I can C> estimate your
> >answers as your
> >> oppinion. But I need explonation or at least C> proofing and
> >solution. C>
> >> Regarding Wiki, exact link you sent, it doesn' t explain, it
> >describe "Make
> >> C> domain users/groups available locally through Winbind"
> >only. C> And it
> >> can be understood in a double way, as yours one and as my
> >assumption. >>
> >> You do not need to create the users as Unix users as well,
> >you just need C>
> >> to make the underlying OS be able to get the users >> from AD, on the
> >> samba4 AD you need to set up the winbind links and edit C>
> >/etc/nsswitch It
> >> is: net user->>Samba4->Pam (OS authorize/security subsystem)
> >-> Samba4 C>
> >> (via nssswitch) . There is partial cycling. >> If you are
> >accessing the
> >> shares over the net, you are accessing them C> locally on
> >the OS. C> Ok.
> >> But Samba4 works from Roo as I remember. There are no
> >problems. C> And
> >> thirdly, one question you didn' t post anything. C> I got working
> >> configuration whe I use Samba4 in AD DC mode without any C>
> >else. Why. What
> >> is difference ? *
> >>
> >--
> >To unsubscribe from this list go to the following URL and read the
> >instructions:  https://lists.samba.org/mailman/options/samba
> >
> >
>
>