pam/winbind user not found problem
Les Mikesell
les at futuresource.com
Mon Jul 20 18:08:35 UTC 2009
Andreas Schneider wrote:
> On Friday 17 July 2009 04:17:03 Les Mikesell wrote:
>
>> RB wrote:
>>
>>> On Thu, Jul 16, 2009 at 15:24, Les Mikesell<les at futuresource.com> wrote:
>>> <snip Samba questions>
>>>
>>> I don't see how any of this ties in with the original thread, as none
>>> of your questions have anything to do with PAM administration. If you
>>> have questions about using Linux in a Windows domain, you need to be
>>> asking those in the Samba support channels. You could also explore
>>> unifying your logins (using PAM or not) across LDAP as opposed to
>>> proxying through Samba/winbind.
>>>
>> The main connection is that smb auth doesn't provide a uid/gid, but I'll
>> admit I'm fishing for advice hoping someone here knows a better way to
>> combine methods in a scenario where there are two separately managed groups
>> and an auth module that doesn't give account info.
>>
>
> Well it is possible that pam_winbind provides a uid/gid with the idmap_ad
> backend. But this is the PAM mailing list and not the FAQ channel for Samba.
>
> So read the idmap_rid or idmap_ads manpage, the Samba documentation and if you
> still have questions, then write to the samba mailing list.
>
>
I was hoping someone would suggest a better approach than using smb or
winbind at all - or share some experience with stacking authentication
methods that don't have a common concept of uid/gid mapping. I
expected this to be a common problem (existing AD domain doesn't exactly
match what you want on Linux boxes but you don't want to manage two
passwords for the common users), but maybe it isn't.
--
Les Mikesell
lesmikesell at gmail.com
More information about the Pam-list
mailing list