[Samba] FW: Questions about Samba 4
L.P.H. van Belle
belle at bazuin.nl
Fri Aug 28 12:53:49 UTC 2015
if ChallengeResponseAuthentication is 'yes', and the PAM authentication policy
for sshd includes pam_unix, password authentication will be allowed through
the challenge-response mechanism regardless of the value of PasswordAuthentication.
start reading as of : Details on PAM Authentication
but a good find, maybe Volker can use this info also.
>Van: samba [mailto:samba-bounces at lists.samba.org] Namens Rowland Penny
>Verzonden: vrijdag 28 augustus 2015 14:39
>Aan: samba at lists.samba.org
>Onderwerp: Re: [Samba] FW: Questions about Samba 4
>On 28/08/15 11:48, Volker Lendecke wrote:
>> On Thu, Aug 27, 2015 at 08:17:15AM +0200, L.P.H. van Belle wrote:
>>> This was a test on debian Jessie with sernet samba 4.2.3.
>>> and the test was, "login" with a AD user on ssh.
>>> this worked, fine, but this i noticed later.
>> Currently recompiling with the attached patch. I haven't
>> tested it yet, but I am pretty sure this will fix the issue.
>> For everyone interested, the comment should be pretty
>OK, after reading Volkers patch, I got the feeling that the problem
>wasn't actually a samba problem, so I went googling.
>If I change these lines in /etc/ssh/sshd_config:
>restart ssh: 'service ssh restart' on Debian wheezy
>Now try and login via ssh:
>root at dc01:~# ssh user3 at 192.168.0.196
>Password expired. You must change it now.
>Enter new password:
>Enter it again:
>Warning: Your password will expire in 42 days on Fri Oct 9
>Linux debclient 3.2.0-4-amd64 #1 SMP Debian 3.2.68-1+deb7u3 x86_64
>The programs included with the Debian GNU/Linux system are
>the exact distribution terms for each program are described in the
>individual files in /usr/share/doc/*/copyright.
>Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
>permitted by applicable law.
>Last login: Fri Aug 28 13:23:32 2015 from dc01.example.com
>user3 at debclient:~$
>No spinning winbind PID
>Have I found the cure ?
>To unsubscribe from this list go to the following URL and read the
More information about the samba