I recall a module which adds usernames when they log in, and can create home directories (I THINK, but I'm not sure). Check out the pam docs to see a list of modules. Thus, autheticate against the domain, and if that succeeds, add a user locally automatically (you could even make a script that would do this) and thus lets them log in. Mathew Johnston PS. I've never done this, so I may not know what I'm talking about :) Erica Douglass wrote: > At 04:28 PM 12/1/2000 +1000, you wrote: > >At 06:45 PM 11/30/00 -0800, you wrote: > > >I cannot get PAM authentication through an NT server working with Apache. > > > > > >My configuration: Cobalt RaQ4 (Redhat; Intel processor) > > > > > >Installed: Apache PAM module > > >PAM_SMB > > > > > >The PAM module for Apache works fine. I have tested with the default > > >configurations and it runs smoothly. However, PAM_SMB does not work. The > > >reason it gives is: "User account has expired" > > > >Is it possible that the user's account has expired under NT? > > > Ummm, you only need pamsmbd if you are doing username mapping. Are you? > > It turns out that the underlying problem is that PAM_SMB has to map the NT > username to a local username. It seems that the module has no support for > wildcards, and I don't want to create an unmanageable list of all the > domain users. (The list would have to be updated every time someone was > added or deleted from the domain.) > > As far as I can tell, there are two choices: > > -- Hack the module to support wildcards (e.g. ALL NT users -> "default" or > "anonymous" locally) > -- Create ~400 local users, or create the aforementioned list. > > Neither choice sounds like a clean solution. Any suggestions? > > Erica > > _______________________________________________ > > Pam-list@redhat.com > https://listman.redhat.com/mailman/listinfo/pam-list
