I'm having a heck of a time getting my 3.0.10 install to authenticate users with krb5. Couple of things:
1) First off, after my --with-pam installation, I didn't have a /etc/pam.d/samba file, which was a little disconcerting. Figured maybe its no big deal, I'll just make my own. I couldn't find any good examples unfortunately, so here is what I pieced together: auth required pam_krb5.so account required pam_krb5.so session required pam_krb5.so password required pam_krb5.so 2) Then I added "obey pam restrictions = yes" to my smb.conf. 3) I sit down at a Windows box, get a ticket from my Heimdal KDC, try to connect to my samba share, and I get prompted for a password. Obviously this wasn't the desired effect. At least samba is actually running and responding, just not the way I had hoped. Couple of questions I guess. Do I need to set up anything special in my samba server's krb5.keytab? It currently just has a host/FQDN entry. Did I bungle the pam.d/samba file? Is there something else I need to do to make samba use PAM (specifically, the krb5 module)? I'm not using LDAP or ADS, just Kerberos. Thanks a bunch. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
