Date: Thu, 8 Nov 2001 11:19:34 +1100 (EST) From: =?iso-8859-1?q?Paul=20Jansen?= <vlaero@yahoo.com.au> To: barry.byrne@wbtsystems.com Cc: questions@FreeBSD.ORG Subject: RE: pam_smb_auth for an XDM login? Message-ID: <20011108001934.5238.qmail@web12908.mail.yahoo.com> In-Reply-To: <NCBBIAMNAKDKFJIIGNPKOEHCGIAA.barry.byrne@wbtsystems.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Thanks Barry. I'll check the site out. I actually looked at it quickly last night when it turned up in search. Just to make sure I understand what you're saying in your example - do you need to have a locally defined UNIX account if you're authenticating against an SMB server or is the local account only required when falling back from an SMB authentication failure? How would I go about getting XDM to authenticate a user logon (which is basically just a standard shell login) to be done by PAM_SMB? Any ideas? The features you describe in the new version sound tempting to me. Could we coax the port mainter to upgrade the port do you think? Thanks for your reply. PJ --- Barry Byrne <barry.byrne@wbtsystems.com> wrote: > Paul: > > This is a solution that works quite well. You will > need pam_smb. See > http://www.csn.ul.ie/~airlied/pam_smb/ for more > details. You need to make > some changes to compile it on FreeBSD, as > development is concentrated on > Linux and Solaris. Hoever the current stable version > 1.1.6 is available in > the ports, which might be the easiest way to get it > installed. > > Once installed, there you need a configuration file > /etc/pam_smb.conf which > lists your domain and domain server details. In > addition, you modify > /etc/pam.conf to specify which services should use > which PAM modules. > > For example: > > ftpd auth sufficient pam_smb_auth.so > ftpd auth sufficient pam_unix.so > ftpd account required pam_unix.so > > Would allow FTP login using either SMB (Windows) or > Unix authentication > providing an account exists locally. You will need > to have an account exist > on the server for each user. > > This all works fine, providing you have only one NT > domain, if you need > authentication against multiple domains, you will > need to use the > development version of pam_smb. This is somewhat > more difficult to compile > and configure - but is possible. I use it on a > FreeBSD 4.4 server to have > apache authenticate against two NT domains, and it > seems to work quite well > despite some initial headaches in compiling the > components. > > Cheers, > > Barry > > -- > Barry Byrne, IT Manager, > WBT Systems, Block 2, Harcourt Centre > Harcourt Street, Dublin 2, Ireland > > Phone: +353 1 417 0150 > Fax: +353 1 478 5544 > Email: barry.byrne@wbtsystems.com > Web: www.wbtsystems.com > > > -----Original Message----- > > From: owner-freebsd-questions@FreeBSD.ORG > > [mailto:owner-freebsd-questions@FreeBSD.ORG]On > Behalf Of Paul Jansen > > Sent: 07 November 2001 13:23 > > To: questions@FreeBSD.ORG > > Subject: pam_smb_auth for an XDM login? > > > > > > Hi. > > > > OUr primary NOS at work is NT. I'd like ot be > able to > > enable users to log onto the diskless FreeBSD > > configuration I've set up by using their regular > NT > > username and password. > > Is this actually possible? If not is this > something > > that will be doable sometime in the near future? > > If this is possible currently then how is the > system > > configured to allow this to occur? Do I need to > still > > create a user accoutn on the FreeBSD system, for > each > > individual user or is there some way to set this > up > > 'on the fly'. > > I've done some mailing list searches but there's > not > > much traffic on pam_smb and the messages that I > did > > find were a little old. Is anyone out there using > > this type of configuration anywhere? Care to share > the > > details? > > > > Thanks, > > Paul > > > > > > http://briefcase.yahoo.com.au - Yahoo! Briefcase > > - Manage your files online. > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-questions" in the body > of the message > > > http://briefcase.yahoo.com.au - Yahoo! Briefcase - Manage your files online. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011108001934.5238.qmail>