pam_adduser ?
Joe Lewis
joe at joe-lewis.com
Fri Jul 30 16:09:28 UTC 2004
I never did see a response. I've got one module that will fork()&exec()
the add user script (security hole it is), but I would suggest
building a module from scratch.
Samba only uses PAM if the password is supplied in plain-text - meaning
most Windows installations, by default, won't use PAM.
One question is : when using PAM, does the Samba suite call
pam_open_session()? functions? If so, it is possible to do an immediate
clean up once verified in either the pam_open_session() or
pam_close_session().
Joe
Cal Heldenbrand wrote:
> Hi everyone,
>
> I'm working on a project where a box is remotely
> authenticating with PAM against a large user database,
> and this box acts as a Samba PDC / winbind /
> authentication server for a local department.
>
> I've talked a bit with the Samba list, and I didn't
> really get anything usefull back from them -- one of
> the annoying things w/ Samba, is that it *requires* a
> local /etc/passwd entry when 'security = user'. I can
> see why this would be a nice sanity check, but this
> machine does not serve homes, or any other partitions,
> it will not be a shell box, or anything else...
> strictly domain authentication with smb encrypted
> passwords.
>
> The master database that I'm authenticating against
> has around 8000+ users, plus, is dynamically changing.
> I need a way to on-the-fly add / remove /etc/passwd
> entries (and not using winbind -- this is a winbind
> server)
>
> So, my main question to everyone is: Is there some
> sort of pam_adduser that works with the 'auth'
> management group that will add /etc/passwd entries?
>
> Thanks for your help!
>
> --Cal Heldenbrand
>
>
>
>
> __________________________________
> Do you Yahoo!?
> Yahoo! Mail Address AutoComplete - You start. We finish.
> http://promotions.yahoo.com/new_mail
>
>
> _______________________________________________
> Pam-list mailing list
> Pam-list at redhat.com
> https://www.redhat.com/mailman/listinfo/pam-list
More information about the Pam-list
mailing list