> From: Mike Renfro > Disadvantages of pam_smb: > > * Have to create dummy accounts for authorized users on each system. I > think there's a way around that, too, but like I said before, we don't > want every domain user to have Unix access. > > * Tied into the previous disadvantage, dual-boot systems are > difficult. If we add a user onto each system to use pam_smb, that > system has to be in Unix 100% of the time. Winbind avoids this > problem. > > Personally, I've got some sort of Active Directory/LDAP idea on the > horizon, since our central IT bunch is rolling out their first AD > tree. Hopefully it's close enough to regular LDAP to make the Unix > boxes happy. I think MKS has an add-in for Active Directory to make it work with unix. Does anyone know if it is possible to use pam_smb for password checking but LDAP for account information instead of needing the local password file? That would suit my needs nicely for a few boxes with limited users (using password file accounts only) and many boxes that allow all users, with passwords the same everywhere. Les Mikesell les@futuresource.com _______________________________________________ Pam-list@redhat.com https://listman.redhat.com/mailman/listinfo/pam-list
