On Wed, 18 Feb 2004, Loc Nguyen wrote: > Hi list, > > Could anyone explain why Samba+LDAP PDC needs to have PAM and > NSS configured with ldap to authenticate ? > > I thought that SAMBA > authenticates directly against LDAP rather asking PAM/NSS to do this, > but this doesn't seem to be true. > > I configured a Samba+LDAP PDC with > the help of idealx.org SAMBA PDC howto. I succeeded with 3.0.2a. Just > for experimenting, I used authconfig to disable ldap in nssswitch.conf > and system-auth, the PDC stop working. Is it true that SAMBA need to > authenticate twice, one with SambaSamAccount, and another with > PosixAccount?
Samba relies on the OS it sits on top of to do identify resolution. NSS (/etc/nsswitch.conf) does only Identity resolution. On a PDC+LDAP you must have Posix accounts in LDAP and must be able to resolve UID/GIDs via NSS (nss_ldap) for propoer operation. By default, 3.x does not use PAM authentication for smbd operation. - John T. > > > thanks for any ideas on this matter > -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
