Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 18 Nov 2004 13:32:01 -0600
From:      Dan Nelson <dnelson@allantgroup.com>
To:        Ivan Voras <ivoras@fer.hr>
Cc:        current@freebsd.org
Subject:   Re: Replacing passwd?
Message-ID:  <20041118193201.GD19265@dan.emsphone.com>
In-Reply-To: <419CD93B.8010906@fer.hr>
References:  <419CD314.80900@fer.hr> <20041118171012.GB19265@dan.emsphone.com> <419CD93B.8010906@fer.hr>

next in thread | previous in thread | raw e-mail | index | archive | help
In the last episode (Nov 18), Ivan Voras said:
> Dan Nelson wrote:
> >In the last episode (Nov 18), Ivan Voras said:
> >passwd just uses PAM to set passwords, so the cleanest way would be to
> 
> I see in the source that it calls some pam_* functions (I'm not an 
> expert...), so it should probably be documented in the man page.
> 
> >have a pam_smb module that does the password changes, and add it to
> >/etc/pam.d/passwd , or maybe tell have pam_ldap do it.
> 
> The LDAP user entry contains both password used for unix (userPassword) 
> and NT passwords (sambaNTPassword, sambaLMPassword) - can PAM modules be 
> "stacked" to update all those fields? (if so, how? :) )

Sure.  Just mark both as required, and it'll run them.

> I still feel that installing pam_smb would not be a good idea since I'm 
> authenticating on the FreeBSD machine just fine using only pam_ldap.

If you only configure the "password" service, it won't use pam_smb for
authentication at all.

-- 
	Dan Nelson
	dnelson@allantgroup.com



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041118193201.GD19265>