Re: samba / UNIX password sync

Matthijs, thanks for the comments.

I failed to mention - this samba server is actually acting as a domain
controller, no windows servers involved.
Perhaps I did not get the whole concept right but I was under impression
that option

unix password sync = Yes

allows just that - keeping smb and Linux passwords in sync when smb password
is changed from windows client machine.

Regards, Vladimir

On 8/30/06, Matthijs.Sneijders@xxxxxxxxxxxxxx <
Matthijs.Sneijders@xxxxxxxxxxxxxx> wrote:

you might want to consider a slightly different approach to your setup,

-use pam_smb to authenticate users on your linux system using the windows
user database
-use nss (/etc/nsswitch.conf) to get userinformation from files/nis) You
still need the windows usernames available in passwd/nis
for information like homefolder/shell/uid/gid

in smb.conf use server or domain security. (domain is better but samba
must join the domain first)
this enables samba to authenticate incoming connections using the windows
user database

This way, all authentication is done using windows accounts, no password
sync is needed anymore!



Matthijs Sneijders




CORUS
Research,
Development
&
Technology

Building
3G16 room
3-312

P.O. Box
10.000

1970 CA
IJMUIDEN

phone +31 (0)251-496400

fax +31 (0)251-470064

mail matthijs.sneijders@xxxxxxxxxxxxxx






|---------+------------------------------>
| | "Vladimir Kosovac" |
| | <vkosovac@xxxxxxxxx|
| | > |
| | Sent by: |
| | redhat-list-bounces|
| | @redhat.com |
| | |
| | |
| | 30-08-2006 01:14 |
| | Please respond to |
| | General Red Hat |
| | Linux discussion |
| | list |
| | |
|---------+------------------------------>

>-------------------------------------------------------------------------------------------------------------------|
|
|
| To: redhat-list@xxxxxxxxxx
|
|
cc:
|
| Subject: samba / UNIX password
sync |

>-------------------------------------------------------------------------------------------------------------------|




Hi all.

I am running very old version of samba (2.2.7) and cannot upgrade just
yet,
must make this work as it is (if possible).

After playing a bit with pam modules, I got first part of what I want to
do
going - windows user is able to change domain password from windows.
However, this change never gets synced to Linux password, although (I
think)
configuration is OK. Can someone give me some pointers to what else I need
to look at? Current relevant config is:

Server: Red Hat 7.1 / samba-2.2.7-2.7.2 (compiled from RH source with some
extra options, --with pam-smb_passwd included)
Client: Windows 2000 / some XP

#/etc/pam.d/samba
#%PAM-1.0
# The PAM configuration file for the `samba' service
#
auth required /lib/security/pam_smbpass.so nodelay
account required /lib/security/pam_pwdb.so audit nodelay
session required /lib/security/pam_pwdb.so nodelay
password required /lib/security/pam_smbpass.so nodelay
smbconf=/etc/samba/smb.conf

#/etc/samba/smb.conf
security = user
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
unix password sync = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n
*passwd:*all*authentication*tokens*updated*successfully*
pam password change = yes
obey pam restrictions = yes

What am I missing? Help appreciated,

Vladimir
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list



**********************************************************************
This transmission is confidential and must not be used or disclosed by
anyone other than the intended recipient. Neither Corus Group Plc nor
any of its subsidiaries can accept any responsibility for any use or
misuse of the transmission by anyone.
**********************************************************************

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

Relevant Pages

  • Re: mount Linux directory on Windows
    ... and its for mounting Windows directory on Linux using Windows Samba Server. ... I want mount linux directory using Linux Samba Server on Windows Client. ...
    (RedHat)
  • Re: Connection to a SAMBA Active Directory
    ... I built a new Windows 2003 Server in a brand new domain. ... I am able to define a 2 way Realm trust using the Active Directory ... There is a bit of confusing on the SAMBA side. ...
    (microsoft.public.exchange.connectivity)
  • [HPADM] RE: Mapping Samba Share to XP
    ... "The mapped network drive could not be created because the following error occurred: The remote computer is not available." ... Is there anything I need to change in the configuration on the CIFS server? ... I am unable to map to the Windows XP clients on the 158 subnet still, but this is due to the firewall, so if someone knows how I can make that happen, please let me know? ... Mapping Samba Share to XP ...
    (HP-UX-Admin)
  • mount Linux directory on Windows
    ... I want to mount Linux Directory on Windows PCs. ... For mounting i used Samba Server. ... # per user logon script ...
    (RedHat)
  • Re: mount Linux directory on Windows
    ... I want to mount Linux Directory on Windows PCs. ... For mounting i used Samba Server. ... # per user logon script ...
    (RedHat)