#%PAM-1.0
# password-sync
#
# A sample PAM configuration that shows the use of pam_smbpass to make
# sure private/smbpasswd is kept in sync when /etc/passwd (/etc/shadow)
# is changed.  Useful when an expired password might be changed by an
# application (such as ssh).

auth       requisite        pam_nologin.so
auth       required         pam_unix.so
account    required         pam_unix.so
password   requisite        pam_cracklib.so retry=3
password   requisite        pam_unix.so shadow md5 use_authtok try_first_pass
password   required         pam_smbpass.so nullok use_authtok try_first_pass
session    required         pam_unix.so