On Thu, 24 Mar 2011 15:58:09 +0100
Vic Watson <vic.watson(a)ericsson.com> wrote:
Hi All.
Sorry for the neophyte nature of my questions, but I'm struggling to
get my system running against a tight deadline...
I've got all my machines authenticating logins etc. nicely against
sssd. My /etc/pam.d/system-auth works fine.
Now I need to get samba working. My security setting is "user", which
I expected to authenticate via pam. My /etc/pam.d/samba just includes
system-auth, so that's clearly incorrect, as it completely fails to
authenticate.
Does anyone have a potted smb.conf / pam.d/* I could use?
Samba can't use pam, as the CIFS protocol never sends passwords in the
clear. In security=user mode you have to create "samba" users too using
smbpasswd -a and assign them a samba password.
That password can be different than the login password and is fully
managed by samba.
This would be the fastest way although probably not the most convenient.
If you want a system where passwords are managed in a unified fashion
then you probably need to make samba a domain member (if you already
have a domain controller for your windows clients) or a domain
controller and join the windows clients in there.
In these cases you will have to use winbindd.
Simo.
--
Simo Sorce * Red Hat, Inc * New York