diff options
author | John Terpstra <jht@samba.org> | 2003-06-01 01:11:52 +0000 |
---|---|---|
committer | John Terpstra <jht@samba.org> | 2003-06-01 01:11:52 +0000 |
commit | 87767df909e2c9970c230ab5a9eb0fd045afd32b (patch) | |
tree | db4e42340b455f5d2488fe3babfe3686ab32f79d /docs/docbook/projdoc/PAM-Authentication-And-Samba.xml | |
parent | fce14ea7cc16c6a456bf90ffbb0f9950acbc09a2 (diff) | |
download | samba-87767df909e2c9970c230ab5a9eb0fd045afd32b.tar.gz samba-87767df909e2c9970c230ab5a9eb0fd045afd32b.tar.bz2 samba-87767df909e2c9970c230ab5a9eb0fd045afd32b.zip |
More edits.
(This used to be commit 57b0e6b680eab9d580a835439ee1535033fbc81c)
Diffstat (limited to 'docs/docbook/projdoc/PAM-Authentication-And-Samba.xml')
-rw-r--r-- | docs/docbook/projdoc/PAM-Authentication-And-Samba.xml | 30 |
1 files changed, 21 insertions, 9 deletions
diff --git a/docs/docbook/projdoc/PAM-Authentication-And-Samba.xml b/docs/docbook/projdoc/PAM-Authentication-And-Samba.xml index e61e65ed01..fd3c369580 100644 --- a/docs/docbook/projdoc/PAM-Authentication-And-Samba.xml +++ b/docs/docbook/projdoc/PAM-Authentication-And-Samba.xml @@ -7,7 +7,7 @@ <address><email>vorlon@netexpress.net</email></address> </affiliation> </author> - <pubdate> (Jun 21 2001) </pubdate> + <pubdate>May 31, 2003</pubdate> </chapterinfo> <title>PAM based Distributed Authentication</title> @@ -25,6 +25,10 @@ In addition to knowing how to configure winbind into PAM, you will learn generic possibilities and in particular how to deploy tools like pam_smbpass.so to your adavantage. </para> +<note><para> +The use of Winbind require more than PAM configuration alone. Please refer to: <link linkend="winbind"></link> +</para></note> + <sect1> <title>Features and Benefits</title> @@ -178,7 +182,9 @@ auth required /other_path/pam_strange_module.so <para> The remaining information in this subsection was taken from the documentation of the Linux-PAM -project. +project. For more information on PAM, see +<ulink url="http://ftp.kernel.org/pub/linux/libs/pam/"> +http://ftp.kernel.org/pub/linux/libs/pam</ulink> The Official Linux-PAM home page. </para> <para> @@ -460,6 +466,9 @@ of the login process. Essentially all conditions can be disabled by commenting them out except the calls to <filename>pam_pwdb.so</filename>. </para> +<sect3> +<title>PAM: original login config</title> + <para><screen> #%PAM-1.0 # The PAM configuration file for the `login' service @@ -477,6 +486,11 @@ session required pam_pwdb.so password required pam_pwdb.so shadow md5 </screen></para> +</sect3> + +<sect3> +<title>PAM: login using pam_smbpass</title> + <para> PAM allows use of replacable modules. Those available on a sample system include: </para> @@ -574,10 +588,12 @@ life though, every decision makes trade-offs, so you may want examine the PAM documentation for further helpful information. </para></note> +</sect3> + </sect2> <sect2> -<title>PAM Configuration in smb.conf</title> +<title>smb.conf PAM Configuration</title> <para> There is an option in smb.conf called <ulink @@ -586,7 +602,7 @@ The following is from the on-line help for this option in SWAT; </para> <para> -When Samba is configured to enable PAM support (i.e. +When Samba-3 is configured to enable PAM support (i.e. <option>--with-pam</option>), this parameter will control whether or not Samba should obey PAM's account and session management directives. The default behavior @@ -604,7 +620,7 @@ password encryption. </sect2> <sect2> -<title>Authentication off a remote CIFS Server using winbindd.so</title> +<title>Remote CIFS Authentication using winbindd.so</title> <para> All operating systems depend on the provision of users credentials accecptable to the platform. @@ -656,10 +672,6 @@ generic interface to authentication mechanisms. </para> <para> - For more information on PAM, see <ulink url="http://ftp.kernel.org/pub/linux/libs/pam/">The linux PAM homepage</ulink>. -</para> - -<para> This module authenticates a local smbpasswd user database. If you require support for authenticating against a remote SMB server, or if you're concerned about the presence of suid root binaries on your system, it is |