[Samba] Use LDAP for passwords ONLY
I am trying to figure out if I can setup samba to verify only passwords against LDAP and keep everything else local. Anyone know how to set this up? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Use LDAP for passwords ONLY
We are using pGina (pgina.org) for lab logins. pGina is a pluggable authentication system, similar to PAM except for Windows. pGina allows us to separate the user authentication from the account information. User credentials are checked against LDAP, MySQL, or other authentication source. If credentials are correct, the computer is logged in with a pre-defined windows account. Hope this helps. Tony --- CONFIDENTIALITY WARNING: Pseudo-legal disclaimers do not buy you or your employer any legal recourse for leaked information. E-mail messages should never contain privileged or confidential information. Always treat e-mail as public. -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Garey Sent: Thursday, October 03, 2013 11:18 AM To: samba@lists.samba.org Subject: [Samba] Use LDAP for passwords ONLY I am trying to figure out if I can setup samba to verify only passwords against LDAP and keep everything else local. Anyone know how to set this up? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Use LDAP for passwords ONLY
Hoover, Tony hoover at sal.ksu.edu writes: We are using pGina (pgina.org) for lab logins. pGina is a pluggable authentication system, similar to PAM except for Windows. pGina allows us to separate the user authentication from the account information. User credentials are checked against LDAP, MySQL, or other authentication source. If credentials are correct, the computer is logged in with a pre-defined windows account. Hope this helps. Tony That's interesting, but I would like Samba to use the LDAP server rather than the Windows client itself. Trying to avoid install on/modifying the windows clients. Too many of them. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Use LDAP for passwords ONLY
Hello, Am 03.10.2013 18:17, schrieb Garey: I am trying to figure out if I can setup samba to verify only passwords against LDAP and keep everything else local. Can you be a bit more specific what you intend to do? Regards, Marc -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Use LDAP for passwords ONLY
Marc Muehlfeld samba at marc-muehlfeld.de writes: Hello, Am 03.10.2013 18:17, schrieb Garey: I am trying to figure out if I can setup samba to verify only passwords against LDAP and keep everything else local. Can you be a bit more specific what you intend to do? Regards, Marc I want all group and user info local on the samba server, but verify passwords against LDAP. So the only thing LDAP is used for is verify the password. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Use LDAP for passwords ONLY
On Thursday, October 3, 2013 12:56 PM CDT, Garey gareysmi...@sbcglobal.net wrote: Marc Muehlfeld samba at marc-muehlfeld.de writes: Hello, Am 03.10.2013 18:17, schrieb Garey: I am trying to figure out if I can setup samba to verify only passwords against LDAP and keep everything else local. Can you be a bit more specific what you intend to do? Regards, Marc I want all group and user info local on the samba server, but verify passwords against LDAP. So the only thing LDAP is used for is verify the password. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba LDAP still will need a username to go with the password. Could you tell us exactly why you want users local instead of in LDAP? -- Donny B. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Use LDAP for passwords ONLY
Donny Brooks dbrooks at mdah.state.ms.us writes: Hello, Am 03.10.2013 18:17, schrieb Garey: I am trying to figure out if I can setup samba to verify only passwords against LDAP and keep everything else local. Can you be a bit more specific what you intend to do? Regards, Marc I want all group and user info local on the samba server, but verify passwords against LDAP. So the only thing LDAP is used for is verify the password. LDAP still will need a username to go with the password. Could you tell us exactly why you want users local instead of in LDAP? Large corporate LDAP server that keeps passwords. Just want to use it for passwords so users don't have another one to keep track of. But I need to control the users who can access the server and local groups that set their rights to information. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Use LDAP for passwords ONLY
If you have an existing LDAP structure, there will still be a separate field for the Windows password. For samba 3.x, you can specify either an local backend or an ldap backend. You can not specify some attributes in ldap but not others. If you want to set up Samba to use LDAP backend you will need to have some admin privileges to on the LDAP server. On 10/03/13 14:32, Garey wrote: Donny Brooks dbrooks at mdah.state.ms.us writes: Hello, Am 03.10.2013 18:17, schrieb Garey: I am trying to figure out if I can setup samba to verify only passwords against LDAP and keep everything else local. Can you be a bit more specific what you intend to do? Regards, Marc I want all group and user info local on the samba server, but verify passwords against LDAP. So the only thing LDAP is used for is verify the password. LDAP still will need a username to go with the password. Could you tell us exactly why you want users local instead of in LDAP? Large corporate LDAP server that keeps passwords. Just want to use it for passwords so users don't have another one to keep track of. But I need to control the users who can access the server and local groups that set their rights to information. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba