Samba only uses PAM if the password is supplied in plain-text - meaning most Windows installations, by default, won't use PAM.
One question is : when using PAM, does the Samba suite call pam_open_session()? functions? If so, it is possible to do an immediate clean up once verified in either the pam_open_session() or pam_close_session().
Joe
Cal Heldenbrand wrote:
Hi everyone,
I'm working on a project where a box is remotely authenticating with PAM against a large user database, and this box acts as a Samba PDC / winbind / authentication server for a local department.
I've talked a bit with the Samba list, and I didn't
really get anything usefull back from them -- one of
the annoying things w/ Samba, is that it *requires* a
local /etc/passwd entry when 'security = user'. I can
see why this would be a nice sanity check, but this
machine does not serve homes, or any other partitions,
it will not be a shell box, or anything else... strictly domain authentication with smb encrypted
passwords.
The master database that I'm authenticating against has around 8000+ users, plus, is dynamically changing. I need a way to on-the-fly add / remove /etc/passwd entries (and not using winbind -- this is a winbind server)
So, my main question to everyone is: Is there some sort of pam_adduser that works with the 'auth' management group that will add /etc/passwd entries?
Thanks for your help!
--Cal Heldenbrand
__________________________________
Do you Yahoo!?
Yahoo! Mail Address AutoComplete - You start. We finish.
http://promotions.yahoo.com/new_mail
_______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
_______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
