-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Loc Nguyen �rta: | Hi list, | | Could anyone explain why Samba+LDAP PDC needs to have PAM and | NSS configured with ldap to authenticate ? | | I thought that SAMBA | authenticates directly against LDAP rather asking PAM/NSS to do this, | but this doesn't seem to be true. | | I configured a Samba+LDAP PDC with | the help of idealx.org SAMBA PDC howto. I succeeded with 3.0.2a. Just | for experimenting, I used authconfig to disable ldap in nssswitch.conf | and system-auth, the PDC stop working. Is it true that SAMBA need to | authenticate twice, one with SambaSamAccount, and another with | PosixAccount? | | | thanks for any ideas on this matter Yes and no, you don't need to authenticate twice, e.g. you can disable the coresponding UNIX account, and stil able to log in via samba, but you need a UNIX (Posix) account. The rationelle is quite simple: As long as Samba runs as a Unix process, in order to get the rights of the user as you are connecting it is runing with that users userid. Without a valid userid, aka Posix account it would not be possible.
Cheers,
Geza -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD4DBQFAM9pv/PxuIn+i1pIRAlL5AJiurPb5Xix6XqGaXPpd7mMQ7VHmAJ415mPe i2CNXBr0DM/FslXhMKbADA== =/DhM -----END PGP SIGNATURE-----
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
