Dear List, i want to implement a Samba server which authenticates the users via PAM stack against the linux password. How can I do this and is libpam-smb the correct library and where can i download the latest version? Thanks :-) Robert Rottscholl
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Robert, Am Montag, 12. August 2002 19:18 schrieb Robert Rottscholl:
i want to implement a Samba server which authenticates the users via PAM stack against the linux password.
This is not possible. Linux never stores the plain text passwords; Windows (or any Samba client) never transmits plain text passwords. Thus, there's no data that can be compared anyhow: Linux only has crypt/MD5 hashes of the password, Windows only transmits MD4 data.
How can I do this and is libpam-smb the correct library and where can i download the latest version?
libpam-smb does the reverse thing of what you want: It authenticates a user (loggin in on your Unix/Linux host) against a given SMB server (e.g. a Windows server). Regards, Bastian - -- Bastian Friedrich bastian@bastian-friedrich.de Adress & Fon available on my HP http://www.bastian-friedrich.de/ \~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\ \ I used to be schizophrenic, but we're all right now. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE9WDO4lbo7EtEt1mYRAoraAJkBFfxJrFpPuw7K/pbZjcGDGahvOwCfcvDm f1UumT2JKKbl1bZPSNEoCV4= =yKLR -----END PGP SIGNATURE-----
On Tue, Aug 13, 2002 at 12:16:14AM +0200, Bastian Friedrich wrote:
Am Montag, 12. August 2002 19:18 schrieb Robert Rottscholl:
i want to implement a Samba server which authenticates the users via PAM stack against the linux password.
This is not possible. [snip]
How can I do this and is libpam-smb the correct library and where can i download the latest version?
libpam-smb does the reverse thing of what you want: It authenticates a user (loggin in on your Unix/Linux host) against a given SMB server (e.g. a Windows server).
since Samba is able to act as PDC, you could well authenticate your linux users against the Samba password on the linux PDC box, and leave the password fields in /etc/{passwd,shadow} invalid. in effect your linux password becomes a Samba one. if configured properly this probably will even work locally without a running samba, since only the pam module is involved. (?) Lars-Gunnar
participants (3)
-
Bastian Friedrich
-
Lars Ellenberg
-
Robert Rottscholl