[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Help on pam_smb_auth.so (aka PAM-SMB and PAM-NTDOM)



Unless I misunderstand, you do _not_ need Samba installed to use pam_smb.

Samba is a fileserver for windows pcs. Samba has an option to pass-through
authentiations to the domain controller, when someone tries to connect to
a fileshare from their windows 95 machine.

This isn't what you want at all. You just want to concentrate on setting
up pam_smb, and configuring the entries in /etc/pam.d to point at that
pam_smb. 

smbpasswd will have nothing to do with it, since that's also part of
samba. What you _will_ be doing is adding "stub" entries to the
/etc/passwd file, enough to establish a username, userid, groupid, home
directory, shell, etc. You can * the password field, because that
informatoin will be provided by pam_smb or pam_ntdom.

There are tools out there that will dump your NT userbase into a text
file, with the usernames and other info. Really all you're probably
interested in is the username. If you can get that file, you can batch
create the users on the linux side. If you have a file like

sam
bob
sally
sue

You could say:

#!/bin/sh
for i in `cat ntuserdump`;do adduser $i;done
or
#!/bin/tcsh
foreach i (`cat ntuserdump`)
adduser $i
end

I think that is right...

The reason I'd recommend adduser is that it'll make a bunch of templated
users, using /etc/skel for a home dir template, and you can add other
command line options if you need to control it more. It makes the user
without making you set a password, so it's good for non-interactive use.

hth,

jim

-- 
[L]inux has an installed base conservatively estimated at around 3 million
users.... [V]endors say that most of the top companies in the US have bought
the OS - but that few will readily admit to running their multimillion-dollar
corporations on code put together by a band of software idealists. -- _Wired_

On Fri, 19 Jun 1998, Frederic Lens wrote:

> Hello !!
> 
> 	Basically, here is what we have to do as part of a project in our
> school : we'd like to give the possibility to NT users to use Linux
> Workstations (distrib. RedHat 5 or 5.1). Now, the trouble is, we don't
> want to have duplicate logins for the same users to be able to login on
> NT or Unix. So we thought about using PAM-SMB (or PAM-NTDOM, which
> basically is about the same) to have this possibility (up to now, I
> think I'm right).
> 
> 	As far as I've understood the docs, I have to have SAMBA set up on the
> workstations (which is mandatory for the users to have access to their
> personal, NT hosted files).
> 
> 	Now, I've tried everything, but couldn't get it to work ! Particularly,
> the trust relationship (which I was told is not yet implemented in the
> main SAMBA distribution) isn't working, thus preventing the logins to be
> authenticated by the NT servers !
> 
> 	Anybody knows of a workaround ??
> 
> 	Another thing I haven't quite understood : how do I add the users of
> the NT domain to my smbpasswd file ?? Do I have to recreate every user
> to have them able to authenticate on the Linux boxes ?
> 
> 	Thanks in advance for your help !!
> 
> 	<< Frédéric LENS >>
> Student engineer in telecommunications
> 	http://www.enic.fr
> 
> PS : my pam_smb.conf file is exactly the same as in the README file
> included in the distribution of PAM_NTDOM.
> PS2 : yes, I have checked the domain names and the server names...
> PS3 : the users I tried to log on with do work on the NT domain...
> 
> -- 
> To unsubscribe: mail -s unsubscribe pam-list-request@redhat.com < /dev/null
> 



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []