Andreas Schneider wrote:
On Friday 17 July 2009 04:17:03 Les Mikesell wrote:
RB wrote:
On Thu, Jul 16, 2009 at 15:24, Les Mikesell<les@xxxxxxxxxxxxxxxx> wrote:
<snip Samba questions>
I don't see how any of this ties in with the original thread, as none
of your questions have anything to do with PAM administration. If you
have questions about using Linux in a Windows domain, you need to be
asking those in the Samba support channels. You could also explore
unifying your logins (using PAM or not) across LDAP as opposed to
proxying through Samba/winbind.
The main connection is that smb auth doesn't provide a uid/gid, but I'll
admit I'm fishing for advice hoping someone here knows a better way to
combine methods in a scenario where there are two separately managed groups
and an auth module that doesn't give account info.
Well it is possible that pam_winbind provides a uid/gid with the idmap_ad
backend. But this is the PAM mailing list and not the FAQ channel for Samba.
So read the idmap_rid or idmap_ads manpage, the Samba documentation and if you
still have questions, then write to the samba mailing list.
I was hoping someone would suggest a better approach than using smb or
winbind at all - or share some experience with stacking authentication
methods that don't have a common concept of uid/gid mapping. I
expected this to be a common problem (existing AD domain doesn't exactly
match what you want on Linux boxes but you don't want to manage two
passwords for the common users), but maybe it isn't.
--
Les Mikesell
lesmikesell@xxxxxxxxx
_______________________________________________
Pam-list mailing list
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list