> From: "Norm Dressler" <ndressler@dinmar.com>
> Date: Fri, 6 Jul 2001 13:15:49 -0400
>
> Well, I got things working from PAM, but it broke my other app (samba).
> BTW, uniquemember works if the pam_member_attribute is appropriately set in
> the ldap.conf.
>
> My problem seems to be the password scripts. Here's some output:
> [root@fpott01 bin]# ./smbpasswd -a ndressler -D 255
> getpwnam(ndressler)
> Building passwd hash table
> Building passwd hash table for the first time
> ndressler not found
> getpwnam(ndressler)
> ndressler not found
> getpwnam(NDRESSLER)
> NDRESSLER not found
> getpwnam(Ndressler)
> Ndressler not found
> getpwnam(ndressleR)
> ndressleR not found
> User "ndressler" was not found in system password file.
> [root@fpott01 bin]# su ndressler
> [ndressler@fpott01 bin]$ passwd
> Enter login(LDAP) password:
> New UNIX password:
> Retype new UNIX password:
> passwd: User not known to the underlying authentication module
> [ndressler@fpott01 bin]$ adduser ndressler
> adduser: user ndressler exists
> [ndressler@fpott01 bin]$
>
> SMBPASSWD seems to be using a call to getpwnam. Do I have something
> misconfigured where this is not returning the LDAP version? The passwd
> script seems to have a similar problem, even though the account exists.
Samba doesn't presently have LDAP support, and since Microsoft has it's own
scheme for password encryption, this is a problem. My "solution" (read:
kludge) was to maintain a smbpasswd file in parallel with my LDAP database. I
hope to get rid of this when samba has LDAP support in it.
Chris
--
Chris Garrigues http://www.DeepEddy.Com/~cwg/
virCIO http://www.virCIO.Com
4314 Avenue C
Austin, TX 78751-3709 +1 512 374 0500
My email address is an experiment in SPAM elimination. For an
explanation of what we're doing, see http://www.DeepEddy.Com/tms.html
Nobody ever got fired for buying Microsoft,
but they could get fired for relying on Microsoft.
Attachment:
pgpEha5ajpMxm.pgp
Description: PGP signature