sam at robots.org.uk
Thu Nov 10 06:58:11 CST 2005
sh at linux2go.dk wrote:
> A few days ago, I had a chat with someone on #ubuntu about Samba.
> He was wondering how to connect to samba on his Ubuntu box. He was used
> to running Gentoo, where he could just use his regular username and
> password. AFAICS that can be achieved in two ways:
> * Using unencrypted passwords
> * by integrating something like smbpasswd -L -a to adduser and the
> smbpasswd PAM module to the passwd PAM stack, we can automagically
> keep the samba user database in sync with the system one.
> Using unencrypted passwords is a really bad idea.
> If we want adduser to add a samba account we either need to rewrite
> adduser to call smbpasswd directly or add some sort of mechanism for
> calling hook scripts from adduser. The former would add a hard
> dependency on Samba which is less than elegant, while the latter
> method also would allow for other system specific stuff to happen
> upon account creation, like sending a welcome mail to the user or what-
> ever you want. Obviously the security implications need to be carefully
> reviewed as the hook scripts will be passed the password of the newly
> created user.
The most elegant way to do this always seemed to be libpam-smbpass. It
is a PAM password module that stores the user's password in the
smbpasswd file. So after installing it, the user changes his password
and can then log in via Samba.
for more information.
PGP key id 5EA01078
3412 EA18 1277 354B 991B C869 B219 7FDB 5EA0 1078
More information about the ubuntu-devel