[Samba] pam_winbind and offline logon
Peter Milesson
miles at atmos.eu
Fri Dec 22 18:40:19 UTC 2023
On 22.12.2023 19:07, bd730c5053df9efb via samba wrote:
> Hi all!
>
> As a long slackware user I'm a total noob in pam and I'm banging my
> head against a wall trying to set it up correctly to play nice with
> slackware's default pam configuration.
>
> One of the things I'm trying to accomplish is to be able to logon
> while the ad domain is available and have pam_mount automount the
> samba shares and to be able to do an offline logon and skip the
> automount if the domain isn't available. Does pam_winbind export some
> information that could indicate if the logon was against an ad dc or
> using cached information that could be used to, for example, skip the
> pam_mount module?
>
> Thanks in advance,
> Best regards,
> Dave.
>
> Sent with Proton Mail secure email.
>
Hi Dave,
Just a few days ago I was banging my head against a wall for
automounting a Samba share when logging on. After a day and a half I
realized that I had the nscd service active. If you have got that one,
uninstall it immediately. Winbind does not work with it.
I essentially followed this article
(https://4sysops.com/archives/linux-smb-mount-for-multiple-users/). For
me, also a previous Slackware buff, PAM is till this day a dark cloud.
Now I'm on Debian, with a long interlude over CentOS (that goes in a
direction I deeply distrust).
What I setup was:
fstab line
========
//myserver/myshare /mnt/net cifs
credentials=/etc/samba/.creds,multiuser,sec=ntlmssp,_netdev 0 0
creds file
=======
domain=mydomain.splat
user=myusername
pass=mypassword
HTH,
Peter
More information about the samba
mailing list