[ubuntu-uk] LDAP login authentication - WAS:Authenticating against Samba/NT 4.0 domain

Rob Beard rob at esdelle.co.uk
Fri Oct 17 15:52:36 BST 2008 

Neil Greenwood wrote:
> 2008/10/15 Rob Beard <rob at esdelle.co.uk>:
>   
>> Hi folks,
>>
>> As part of the change over from Windows XP to Ubuntu I'm trying to get
>> the Ubuntu machine to authenticate against a domain.
>>
>> At the moment we have a Windows 2003 SBS server which is going to be
>> _hopefully_ replaced with SME Server 7.3 which provides a domain via Samba.
>>
>> Now I've got this working before on earlier versions of Ubuntu (6.10,
>> 7.04) but not tried it in a while.
>>
>> What I'm trying to do is get the Ubuntu box to authenticate against the
>> domain so when a user comes along, they can login using their Windows
>> login details (saves me hassle of creating extra accounts and keeping
>> passwords up to date).
>>
>> Previously I was able to follow this guide to authenticate the users...
>>
>> http://tech.canterburyschool.org/tech/UbuntuWorkstations_2fAuthenticationSetup
>>
>> The problem is, I'm trying this on Intrepid and some of the
>> configuration files (where it relates to pam) have changed and not being
>> an expert on pam, I don't know what to alter.
>>
>> I see that in some of the palm config files it now uses pam_permit.so
>> rather than pam_unix.so.  I just wondered if pam_permit.so looks in
>> another config file?
>>     
>
> There was an article about PAM in Linux Format issue 99. If you
> subscribe, you can see the articles on their website even if you no
> longer have the issue.
>
> It explains what all of the different pam_xxx.so options do, and how
> to configure them.
>
> If you aren't a subscriber, or no longer have the issue, I'll have a
> look and see what I can crib from the article to help you out.
>
>
> Cofion,
> Neil.
>
>   
Okay I've dug out the issue and had a play but on Intrepid it seems to 
use some new method of authenticating with PAM.  Looks like a good idea 
but I can't find any good documentation on it.

I've enabled LDAP on the SME Server now which I'm hoping will work 
better for what I need.

The problem again is that I can't find any documentation for Intrepid.  
I did find something for Hardy bit that didn't seem to work on Intrepid 
(I ended up breaking sudo with that one!).

Times like this I wish there was a nice GUI which would help me setup 
authentication against the server using LDAP.  I wonder if Likewise will 
do this? (I know it authenticates against Active Directory but I'm not 
actually running AD, just LDAP and a Samba PDC).

Rob

More information about the ubuntu-uk mailing list