RRuegner wrote:

Hi Cris again, youre right in this setup i use
smbpasswd backend with samba 3.0.4 , cause i also patched the pptpd to look at it,
but i didnt noticed any problem using smbpasswd instead
of tdb ( but for sure it is not recomended any more )
I use this for a small network, but everything works which is from need for a pdc.
In other networks i use ldap, cause of using bdc and advanced features
I think the use of the smb passwd backends (tdb, ldap etc ) has to fit to your needs, and what you prefer, in this case pam and smbpasswd gives me help
in being compatibel to older stuff which i wanna use ,too.
I was just playing with PAM last night to allow user to change their passwords.
/etc/pam.d/samba:


#%PAM-1.0
auth required pam_nologin.so
auth required pam_stack.so service=system-auth
account required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
#the following 2 lines get samba to bybass pam_cracklib -- especially the dictionary checks
password required pam_pwdb.so shadow md5
password optional pam_smbpass.so nullok use_authtok try_first_pass
#password required pam_smbpass.so nodelay smbconf=/etc/samba/smb.conf debug



/etc/pam.d/system-auth #%PAM-1.0

auth        required      pam_env.so
auth        sufficient    pam_unix.so likeauth nullok
#auth   sufficient      pam_ldap.so use_first_pass
auth        required      pam_deny.so
account     required      pam_unix.so
#account        sufficent       pam_ldap.so
password   requisite   pam_cracklib.so retry=3 minlen=4
password   requisite   pam_unix.so shadow md5 use_authtok try_first_pass
password   optional    pam_smbpass.so nullok use_authtok try_first_pass
#password       sufficient      pam_ldap.so use_authtok
#password    required      pam_deny.so
session     required      pam_limits.so
session     required      pam_unix.so
#session        optional        pam_ldap.so

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Reply via email to